<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/"><channel><title>OpenSUSE - CraftedSignal Threat Feed</title><link>https://feed.craftedsignal.io/vendors/opensuse/</link><description>Trending threats, MITRE ATT&amp;CK coverage, and detection metadata. Fed continuously.</description><generator>Hugo</generator><language>en</language><managingEditor>hello@craftedsignal.io</managingEditor><webMaster>hello@craftedsignal.io</webMaster><lastBuildDate>Thu, 16 Jul 2026 01:19:34 +0000</lastBuildDate><atom:link href="https://feed.craftedsignal.io/vendors/opensuse/feed.xml" rel="self" type="application/rss+xml"/><item><title>CVE-2026-48863: libsolv Stack-Based Buffer Overflow Leading to Denial of Service</title><link>https://feed.craftedsignal.io/briefs/2026-07-libsolv-dos/</link><pubDate>Thu, 16 Jul 2026 01:19:34 +0000</pubDate><author>hello@craftedsignal.io</author><guid isPermaLink="true">https://feed.craftedsignal.io/briefs/2026-07-libsolv-dos/</guid><description>A critical stack-based buffer overflow vulnerability, CVE-2026-48863, has been identified in the PGP verification component of libsolv, allowing a remote attacker to trigger a denial of service by crafting a malicious Ed25519 PGP signature with mismatched MPI lengths, impacting automated package or repository processing workflows.</description><content:encoded><![CDATA[<p>A significant flaw, identified as CVE-2026-48863, has been discovered in <code>libsolv</code>, a core library used in package management for Linux distributions. This vulnerability manifests as a stack-based buffer overflow within the PGP verification component. Specifically, it stems from incorrect length handling when copying the EdDSA 's' Multi-Precision Integer (MPI) into a stack buffer. A remote attacker can exploit this by crafting a specially malformed Ed25519 PGP signature that includes mismatched MPI lengths. When an affected system processes this malicious signature, particularly within automated package or repository processing workflows, the buffer overflow can lead to a denial of service. The impact of this vulnerability is a disruption to critical system functions reliant on <code>libsolv</code> for package integrity checks, potentially affecting software updates and deployments.</p>
<h2 id="attack-chain">Attack Chain</h2>
<ol>
<li>A remote attacker crafts a malicious Ed25519 PGP signature designed to exploit the <code>libsolv</code> vulnerability.</li>
<li>The crafted signature is engineered to contain deliberately mismatched lengths for the EdDSA 's' MPI component.</li>
<li>The attacker introduces this malicious PGP signature into an environment where it will be processed by a system utilizing <code>libsolv</code> for PGP verification. This could be a compromised package repository, a malicious package, or other distribution channels.</li>
<li>An automated package or repository processing workflow, typically performing integrity checks, attempts to verify the supplied signature using the <code>libsolv</code> PGP verification component.</li>
<li>During the internal signature verification, <code>libsolv</code> attempts to copy the malformed EdDSA 's' MPI data into a fixed-size stack buffer.</li>
<li>Due to the incorrect length handling and the attacker-controlled mismatched lengths, the copy operation writes beyond the boundaries of the allocated stack buffer, causing a stack-based buffer overflow.</li>
<li>This buffer overflow corrupts adjacent memory regions on the stack, leading to a crash or severe instability in the <code>libsolv</code> process.</li>
<li>The resulting process termination or system instability causes a denial of service, disrupting automated package management and repository processing functionalities.</li>
</ol>
<h2 id="impact">Impact</h2>
<p>The successful exploitation of CVE-2026-48863 leads directly to a denial of service within automated package or repository processing workflows. This impact can result in significant operational disruption, preventing systems from receiving essential software updates, security patches, or new package installations. For organizations relying on <code>libsolv</code> for package management, this vulnerability could halt critical deployment pipelines, compromise the integrity of software distribution, and potentially leave systems unpatched or vulnerable to other threats due to update failures. Given <code>libsolv</code>'s role in many Linux distributions, the potential for widespread disruption is considerable.</p>
<h2 id="recommendation">Recommendation</h2>
<ul>
<li>Patch CVE-2026-48863 immediately by updating <code>libsolv</code> to version 0.7.38 or later on all affected OpenSUSE systems.</li>
<li>Monitor system logs for unexpected crashes or service interruptions related to package management daemons or processes that utilize <code>libsolv</code>.</li>
</ul>
]]></content:encoded><category domain="severity">low</category><category domain="type">advisory</category><category>vulnerability</category><category>denial-of-service</category><category>buffer-overflow</category><category>linux</category><category>libsolv</category></item></channel></rss>