SUSE-SU-2026:22347-1

Vulnerability from csaf_suse - Published: 2026-06-23 12:43 - Updated: 2026-06-23 12:43
Summary
Security update for 7zip
Severity
Important
Notes
Title of the patch: Security update for 7zip
Description of the patch: This update for 7zip fixes the following issues

Update to 26.01:

- CVE-2026-48092: Information disclosure in 32-bit builds due to heap memory disclosure (bsc#1267858).
- CVE-2026-48095: Heap buffer overflow via NTFS compressed stream buffer under-allocation (bsc#1267421).
- CVE-2026-48101: Information Disclosure via uninitialized memory in UEFI capsule parser (bsc#1267859).
- CVE-2026-48102: Information disclosure and denial of service via crafted UDF image (bsc#1267860).
- CVE-2026-48103: off-by-one heap out-of-bounds read (bsc#1267861).
- CVE-2026-48104: Uninitialized heap read in SquashFS archive handler (bsc#1267862).
- CVE-2026-48111: off-by-one out-of-bounds read in ParseDepedencyExpression function (bsc#1267863).
- CVE-2026-48112: heap out-of-bounds read in BSD SYMDEF parser (bsc#1267864).

Changes:

 * Linux version of 7-Zip can use huge pages (2 MB pages). It can increase compression speed by 10% for 7z/xz/LZMA/LZMA2 compression.
 * new -spo[d|c|r] switch specifies the path generation mode for the output directory for archive extraction. The output directory path is generated from the path specified in the -o{dir_path} switch and the name of the archive being unpacked.
   -spod : for Linux/Posix/macOS: -o{dir_path} specifies the direct path to the output directory. The asterisk (*) character in {dir_path} will not be replaced by the archive name.
   -spoc : 7-Zip will concatenate the path specified in -o{dir_path} with the archive name to form the final path to the output directory.
   -spor : 7-Zip will replace the asterisk (*) character in the path specified in -o{dir_path} with the archive name. This is the default option.
 * some bugs were fixed.

- Update to 26.00:
 * improved code for ZIP, CPIO, RAR, UFD, QCOW, Compound.
 * 7-Zip File Manager: improved sorting order of the file list. It uses file name as secondary sorting key.
 * 7-Zip File Manager: improved Benchmark to support systems with more than 64 CPU threads.
 * bug fixed: 7-Zip could not correctly extract TAR archives containing sparse files
Patchnames: SUSE-SLES-16.0-1051
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Affected products
Product Identifier Version Remediation
Unresolved product id: SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.aarch64
Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.ppc64le
Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.s390x
Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.x86_64
Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.aarch64
Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.ppc64le
Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.s390x
Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.x86_64
Vendor Fix
Threats
Impact moderate
Threats
Impact important
Threats
Impact moderate
Threats
Impact low
Threats
Impact low
Threats
Impact low
Threats
Impact low
Threats
Impact low
References
URL Category
https://www.suse.com/support/security/rating/ external
https://ftp.suse.com/pub/projects/security/csaf/s… self
https://www.suse.com/support/update/announcement/… self
https://lists.suse.com/pipermail/sle-updates/2026… self
https://bugzilla.suse.com/1267421 self
https://bugzilla.suse.com/1267858 self
https://bugzilla.suse.com/1267859 self
https://bugzilla.suse.com/1267860 self
https://bugzilla.suse.com/1267861 self
https://bugzilla.suse.com/1267862 self
https://bugzilla.suse.com/1267863 self
https://bugzilla.suse.com/1267864 self
https://www.suse.com/security/cve/CVE-2026-48092/ self
https://www.suse.com/security/cve/CVE-2026-48095/ self
https://www.suse.com/security/cve/CVE-2026-48101/ self
https://www.suse.com/security/cve/CVE-2026-48102/ self
https://www.suse.com/security/cve/CVE-2026-48103/ self
https://www.suse.com/security/cve/CVE-2026-48104/ self
https://www.suse.com/security/cve/CVE-2026-48111/ self
https://www.suse.com/security/cve/CVE-2026-48112/ self
https://www.suse.com/security/cve/CVE-2026-48092 external
https://bugzilla.suse.com/1267858 external
https://www.suse.com/security/cve/CVE-2026-48095 external
https://bugzilla.suse.com/1267421 external
https://www.suse.com/security/cve/CVE-2026-48101 external
https://bugzilla.suse.com/1267859 external
https://www.suse.com/security/cve/CVE-2026-48102 external
https://bugzilla.suse.com/1267860 external
https://www.suse.com/security/cve/CVE-2026-48103 external
https://bugzilla.suse.com/1267861 external
https://www.suse.com/security/cve/CVE-2026-48104 external
https://bugzilla.suse.com/1267862 external
https://www.suse.com/security/cve/CVE-2026-48111 external
https://bugzilla.suse.com/1267863 external
https://www.suse.com/security/cve/CVE-2026-48112 external
https://bugzilla.suse.com/1267864 external

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for 7zip",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for 7zip fixes the following issues\n\nUpdate to 26.01:\n\n- CVE-2026-48092: Information disclosure in 32-bit builds due to heap memory disclosure (bsc#1267858).\n- CVE-2026-48095: Heap buffer overflow via NTFS compressed stream buffer under-allocation (bsc#1267421).\n- CVE-2026-48101: Information Disclosure via uninitialized memory in UEFI capsule parser (bsc#1267859).\n- CVE-2026-48102: Information disclosure and denial of service via crafted UDF image (bsc#1267860).\n- CVE-2026-48103: off-by-one heap out-of-bounds read (bsc#1267861).\n- CVE-2026-48104: Uninitialized heap read in SquashFS archive handler (bsc#1267862).\n- CVE-2026-48111: off-by-one out-of-bounds read in ParseDepedencyExpression function (bsc#1267863).\n- CVE-2026-48112: heap out-of-bounds read in BSD SYMDEF parser (bsc#1267864).\n\nChanges:\n\n * linux version of 7-Zip can use huge pages (2 MB pages). It can\n increase compression speed for 10% for 7z/xz/LZMA/LZMA2 compression.\n * new -spo[d|c|r] switch specifies the path generation mode for\n the output directory for archive extraction. The output directory\n path is generated from the path specified in the -o{dir_path}\n switch and the name of the archive being unpacked.\n -spod : for Linux/Posix/macOS: -o{dir_path} specifies the direct\n path to the output directory. The asterisk (*) character\n in {dir_path} will not be replaced by the archive name.\n -spoc : 7-Zip will concatenate the path specified in -o{dir_path}\n with the archive name to form the final path to the output\n directory.\n -spor : 7-Zip will replace asterisk (*) character in the path\n specified in the -o{dir_path} with the archive name.\n This is the default option.\n * some bugs were fixed.\n- Update to 26.00:\n * improved code for ZIP, CPIO, RAR, UFD, QCOW, Compound.\n * 7-Zip File Manager: improved sorting order of the file list.\n It uses file name as secondary sorting key.:\n * 7-Zip File Manager: improved Benchmark to support systems with more than\n 64 CPU threads.\n * bug fixed: 7-Zip could not correctly extract TAR archives containing sparse\n files\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-SLES-16.0-1051",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_22347-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2026:22347-1",
        "url": "https://www.suse.com/support/update/announcement/2026/suse-su-202622347-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2026:22347-1",
        "url": "https://lists.suse.com/pipermail/sle-updates/2026-July/047792.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1267421",
        "url": "https://bugzilla.suse.com/1267421"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1267858",
        "url": "https://bugzilla.suse.com/1267858"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1267859",
        "url": "https://bugzilla.suse.com/1267859"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1267860",
        "url": "https://bugzilla.suse.com/1267860"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1267861",
        "url": "https://bugzilla.suse.com/1267861"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1267862",
        "url": "https://bugzilla.suse.com/1267862"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1267863",
        "url": "https://bugzilla.suse.com/1267863"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1267864",
        "url": "https://bugzilla.suse.com/1267864"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-48092 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-48092/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-48095 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-48095/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-48101 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-48101/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-48102 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-48102/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-48103 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-48103/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-48104 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-48104/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-48111 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-48111/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-48112 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-48112/"
      }
    ],
    "title": "Security update for 7zip",
    "tracking": {
      "current_release_date": "2026-06-23T12:43:00Z",
      "generator": {
        "date": "2026-06-23T12:43:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2026:22347-1",
      "initial_release_date": "2026-06-23T12:43:00Z",
      "revision_history": [
        {
          "date": "2026-06-23T12:43:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "7zip-26.01-160000.1.1.aarch64",
                "product": {
                  "name": "7zip-26.01-160000.1.1.aarch64",
                  "product_id": "7zip-26.01-160000.1.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "7zip-26.01-160000.1.1.ppc64le",
                "product": {
                  "name": "7zip-26.01-160000.1.1.ppc64le",
                  "product_id": "7zip-26.01-160000.1.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "7zip-26.01-160000.1.1.s390x",
                "product": {
                  "name": "7zip-26.01-160000.1.1.s390x",
                  "product_id": "7zip-26.01-160000.1.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "7zip-26.01-160000.1.1.x86_64",
                "product": {
                  "name": "7zip-26.01-160000.1.1.x86_64",
                  "product_id": "7zip-26.01-160000.1.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 16.0",
                "product": {
                  "name": "SUSE Linux Enterprise Server 16.0",
                  "product_id": "SUSE Linux Enterprise Server 16.0",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles:16:16.0:server"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server for SAP applications 16.0",
                "product": {
                  "name": "SUSE Linux Enterprise Server for SAP applications 16.0",
                  "product_id": "SUSE Linux Enterprise Server for SAP applications 16.0",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles:16:16.0:server-sap"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "7zip-26.01-160000.1.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
          "product_id": "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.aarch64"
        },
        "product_reference": "7zip-26.01-160000.1.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "7zip-26.01-160000.1.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
          "product_id": "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.ppc64le"
        },
        "product_reference": "7zip-26.01-160000.1.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "7zip-26.01-160000.1.1.s390x as component of SUSE Linux Enterprise Server 16.0",
          "product_id": "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.s390x"
        },
        "product_reference": "7zip-26.01-160000.1.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "7zip-26.01-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
          "product_id": "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.x86_64"
        },
        "product_reference": "7zip-26.01-160000.1.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "7zip-26.01-160000.1.1.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
          "product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.aarch64"
        },
        "product_reference": "7zip-26.01-160000.1.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "7zip-26.01-160000.1.1.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
          "product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.ppc64le"
        },
        "product_reference": "7zip-26.01-160000.1.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "7zip-26.01-160000.1.1.s390x as component of SUSE Linux Enterprise Server for SAP applications 16.0",
          "product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.s390x"
        },
        "product_reference": "7zip-26.01-160000.1.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "7zip-26.01-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
          "product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.x86_64"
        },
        "product_reference": "7zip-26.01-160000.1.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2026-48092",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-48092"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "7-Zip is a file archiver with a high compression ratio. Versions 9.34 through 26.00 contain a heap memory disclosure via SquashFS fragment offset integer overflow on 32-bit builds. 32-bit integer overflow in the SquashFS ReadBlock function allows an attacker-controlled node.Offset value to bypass the fragment bounds check, causing memcpy to read heap memory preceding the cache buffer into the extracted file. The vulnerability is exploitable only on 32-bit builds of 7-Zip where size_t is 32 bits, allowing the addition offsetInBlock + blockSize to wrap modulo 2^32. On 64-bit builds the addition is promoted to 64 bits and the check correctly rejects the input. Version 26.01 patches the issue.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.aarch64",
          "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.ppc64le",
          "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.s390x",
          "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.x86_64",
          "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.aarch64",
          "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.s390x",
          "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-48092",
          "url": "https://www.suse.com/security/cve/CVE-2026-48092"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1267858 for CVE-2026-48092",
          "url": "https://bugzilla.suse.com/1267858"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.aarch64",
            "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.ppc64le",
            "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.s390x",
            "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.x86_64",
            "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.aarch64",
            "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.s390x",
            "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.aarch64",
            "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.ppc64le",
            "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.s390x",
            "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.x86_64",
            "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.aarch64",
            "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.s390x",
            "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-06-23T12:43:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2026-48092"
    },
    {
      "cve": "CVE-2026-48095",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-48095"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "7-Zip is a file archiver with a high compression ratio. Versions 26.00 and prior contain a heap buffer overflow vulnerability caused by an under-allocation in the NTFS compressed stream buffer (GetCuSize shift UB), potentially allowing attackers to cause arbitrary code execution or application crashes. CInStream::GetCuSize() in the NTFS handler computes the compression-unit buffer size as (UInt32)1 \u003c\u003c (BlockSizeLog + CompressionUnit), and a crafted image with ClusterSizeLog \u003e= 28 and CompressionUnit == 4 drives the exponent to 32, which is undefined behavior and collapses on x86/x64 so _inBuf is allocated as 1 byte. ReadStream_FALSE then writes up to 256 MB of attacker-controlled data into that 1-byte buffer in 64 KB iterations, and because the CInStream object sits only 304 bytes after _inBuf, its vtable pointer is overwritten and the next dispatched call achieves a vtable hijack. On 32-bit builds the overflow is unconditionally reached; on 64-bit it requires the parallel 8 GB _outBuf allocation to succeed, otherwise failing closed to denial of service. The NTFS handler is enabled by default in stock 7z.dll and, via signature-based fallback matching \"NTFS    \" at offset 3, will open a crafted image regardless of file extension during extraction or testing. Version 26.01 fixes the issue.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.aarch64",
          "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.ppc64le",
          "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.s390x",
          "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.x86_64",
          "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.aarch64",
          "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.s390x",
          "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-48095",
          "url": "https://www.suse.com/security/cve/CVE-2026-48095"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1267421 for CVE-2026-48095",
          "url": "https://bugzilla.suse.com/1267421"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.aarch64",
            "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.ppc64le",
            "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.s390x",
            "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.x86_64",
            "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.aarch64",
            "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.s390x",
            "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.aarch64",
            "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.ppc64le",
            "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.s390x",
            "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.x86_64",
            "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.aarch64",
            "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.s390x",
            "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-06-23T12:43:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-48095"
    },
    {
      "cve": "CVE-2026-48101",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-48101"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "7-Zip is a file archiver with a high compression ratio. Versions 9.21 through 26.00 contain an uninitialized memory disclosure vulnerability in the UEFI capsule (.scap) parser. The OpenCapsule function allocates a heap buffer of attacker-declared CapsuleImageSize (up to 1 GiB) without zero-initialization, then reads the file contents into it with ReadStream_FALSE, whose return value is silently discarded. If the file is truncated, the unread tail of the buffer retains uninitialized heap memory, which is then exposed as extracted file content via GetStream. Version 26.0.1 fixes the issue.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.aarch64",
          "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.ppc64le",
          "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.s390x",
          "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.x86_64",
          "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.aarch64",
          "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.s390x",
          "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-48101",
          "url": "https://www.suse.com/security/cve/CVE-2026-48101"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1267859 for CVE-2026-48101",
          "url": "https://bugzilla.suse.com/1267859"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.aarch64",
            "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.ppc64le",
            "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.s390x",
            "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.x86_64",
            "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.aarch64",
            "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.s390x",
            "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.aarch64",
            "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.ppc64le",
            "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.s390x",
            "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.x86_64",
            "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.aarch64",
            "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.s390x",
            "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-06-23T12:43:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2026-48101"
    },
    {
      "cve": "CVE-2026-48102",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-48102"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "7-Zip is a file archiver with a high compression ratio. Versions 9.11 through 26.00 contain a heap out-of-bounds read of up to 3 bytes in the UDF disc image handler\u0027s File Identifier Descriptor parser. In CFileId::Parse (CPP/7zip/Archive/Udf/UdfIn.cpp), after validating size \u003c 38 + idLen + impLen and advancing processed to 38 + impLen + idLen, the alignment-padding loop reads p[processed] while incrementing up to 3 times to reach a 4-byte boundary, and the processed \u003c= size bounds check only runs after the loop. When (38 + impLen + idLen) % 4 != 0 and 38 + impLen + idLen == size, the loop reads 1 to 3 bytes past the end of the exact-size heap buffer allocated via buf.Alloc((size_t)item.Size). The UDF handler is registered for .iso and .udf files and auto-detected by signature, and the OOB read triggers during Open() when listing or extracting a crafted UDF image. Impact is limited to information disclosure (a 1-bit oracle per OOB byte via open/fail behavior) and denial of service (crash under hardened allocators); there is no write primitive. Version 26.01 fixes the issue.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.aarch64",
          "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.ppc64le",
          "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.s390x",
          "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.x86_64",
          "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.aarch64",
          "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.s390x",
          "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-48102",
          "url": "https://www.suse.com/security/cve/CVE-2026-48102"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1267860 for CVE-2026-48102",
          "url": "https://bugzilla.suse.com/1267860"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.aarch64",
            "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.ppc64le",
            "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.s390x",
            "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.x86_64",
            "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.aarch64",
            "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.s390x",
            "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 2.5,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.aarch64",
            "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.ppc64le",
            "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.s390x",
            "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.x86_64",
            "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.aarch64",
            "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.s390x",
            "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-06-23T12:43:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2026-48102"
    },
    {
      "cve": "CVE-2026-48103",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-48103"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "7-Zip is a file archiver with a high compression ratio. Versions 9.34 through 26.00 contain an off-by-one heap out-of-bounds read in the WIM (Windows Imaging) archive handler\u0027s security descriptor lookup. In CHandler::GetSecurity (CPP/7zip/Archive/Wim/WimHandler.cpp), the per-image SecurOffsets table holds numEntries + 1 cumulative offsets, but the check securityId \u003e= SecurOffsets.Size() admits securityId == numEntries, and the function then reads SecurOffsets[securityId + 1], fetching one UInt32 past the end of the heap-allocated CRecordVector (which performs no bounds checking on operator[]). The securityId is attacker-controlled at offset +0xC of any directory entry in WIM metadata, and the handler is registered for .wim, .swm, .esd, and .ppkg and enabled by default in stock 7z.dll; the OOB triggers zero-click in the GUI because 7zFM.exe\u0027s ListView calls GetRawProp(kpidNtSecure) for every item during listing (ASan-confirmed), and is also reachable via CLI listing with 7zz l -slt. Impact is limited to denial of service under hardened allocators and minor information disclosure, since the OOB value is only consumed arithmetically as a length and is not surfaced to the attacker; there is no write primitive.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.aarch64",
          "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.ppc64le",
          "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.s390x",
          "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.x86_64",
          "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.aarch64",
          "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.s390x",
          "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-48103",
          "url": "https://www.suse.com/security/cve/CVE-2026-48103"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1267861 for CVE-2026-48103",
          "url": "https://bugzilla.suse.com/1267861"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.aarch64",
            "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.ppc64le",
            "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.s390x",
            "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.x86_64",
            "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.aarch64",
            "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.s390x",
            "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.aarch64",
            "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.ppc64le",
            "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.s390x",
            "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.x86_64",
            "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.aarch64",
            "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.s390x",
            "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-06-23T12:43:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2026-48103"
    },
    {
      "cve": "CVE-2026-48104",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-48104"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "7-Zip is a file archiver with a high compression ratio. Versions 9.18 through 26.00 contain an uninitialized heap read in the SquashFS archive handler caused by a sparsely populated index array. In the SquashFS handler, _blockToNode is allocated with capacity for every metadata block but populated only when an inode crosses a block boundary, so a crafted image with few inodes spanning many blocks leaves most slots holding raw heap contents (the underlying allocator does not zero-initialize POD storage). When OpenDir looks up an attacker-influenced blockIndex (derived from the RootInode superblock field), it reads two of these uninitialized slots and passes them as the left/right bounds of a binary search over _nodesPos, which dereferences the midpoint without bounds checking; if the resulting value happens to match the search key, the returned index is used to read a full node struct from _nodes whose fields feed further directory parsing, forming a chained OOB read primitive that is heap-layout-dependent and not reliably triggerable. The SquashFS handler is enabled by default in stock 7z.dll and the issue triggers during Open() with no interaction beyond opening the file; impact is denial of service from wild-pointer dereference and potential heap information disclosure, with no write primitive. Version 26.01 fixes the issue.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.aarch64",
          "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.ppc64le",
          "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.s390x",
          "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.x86_64",
          "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.aarch64",
          "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.s390x",
          "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-48104",
          "url": "https://www.suse.com/security/cve/CVE-2026-48104"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1267862 for CVE-2026-48104",
          "url": "https://bugzilla.suse.com/1267862"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.aarch64",
            "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.ppc64le",
            "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.s390x",
            "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.x86_64",
            "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.aarch64",
            "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.s390x",
            "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.6,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.aarch64",
            "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.ppc64le",
            "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.s390x",
            "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.x86_64",
            "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.aarch64",
            "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.s390x",
            "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-06-23T12:43:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2026-48104"
    },
    {
      "cve": "CVE-2026-48111",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-48111"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "7-Zip is a file archiver with a high compression ratio. Versions 9.21 through 26.00 contain an off-by-one out-of-bounds read vulnerability in the ParseDepedencyExpression function of the UEFI firmware image parser (CPP/7zip/Archive/UefiHandler.cpp). The function validates an attacker-controlled opcode byte using \u003e instead of \u003e= against the element count of the 10-entry kExpressionCommands static array, allowing an opcode value of 10 to read one pointer slot (8 bytes on x64) past the end of the array in .rodata. The out-of-bounds value is then dereferenced as a const char * and passed through strlen and memcpy into the archive\u0027s Characts property, which may cause either a denial of service (access violation when the adjacent bytes do not form a valid readable pointer) or a minor information disclosure of an adjacent .rdata string literal into archive metadata. The vulnerability is reached automatically during IInArchive::Open() via the call path OpenFv/OpenCapsule -\u003e ParseVolume -\u003e ParseSections when processing a SECTION_DXE_DEPEX (0x13) or SECTION_PEI_DEPEX (0x1B) section whose first body byte is 0x0A, and the UEFI handler is enabled by default in stock 7z.dll with signature-based detection for both UEFIc and UEFIf formats. The outcome (crash vs. silent leak) is deterministic per build but linker-layout dependent, with no write primitive and no disclosure of heap data, secrets, or ASLR base addresses. Version 26.01 fixes the issue.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.aarch64",
          "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.ppc64le",
          "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.s390x",
          "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.x86_64",
          "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.aarch64",
          "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.s390x",
          "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-48111",
          "url": "https://www.suse.com/security/cve/CVE-2026-48111"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1267863 for CVE-2026-48111",
          "url": "https://bugzilla.suse.com/1267863"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.aarch64",
            "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.ppc64le",
            "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.s390x",
            "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.x86_64",
            "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.aarch64",
            "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.s390x",
            "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.aarch64",
            "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.ppc64le",
            "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.s390x",
            "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.x86_64",
            "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.aarch64",
            "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.s390x",
            "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-06-23T12:43:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2026-48111"
    },
    {
      "cve": "CVE-2026-48112",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-48112"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "7-Zip is a file archiver with a high compression ratio. Versions 9.18 through 26.00 contain a heap out-of-bounds read in the BSD SYMDEF parser of the 7-Zip Ar handler. A 4-byte heap out-of-bounds read exists in the Unix ar archive parser in 7-Zip. When parsing a BSD-style __.SYMDEF symbol table, the ParseLibSymbols function reads a 32-bit namesSize field via Get32 at a position that can equal the buffer size, reading 4 bytes past the end of the heap allocation. This reads uninitialized heap data under the default allocator. Version 26.01 patches the issue.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.aarch64",
          "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.ppc64le",
          "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.s390x",
          "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.x86_64",
          "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.aarch64",
          "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.s390x",
          "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-48112",
          "url": "https://www.suse.com/security/cve/CVE-2026-48112"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1267864 for CVE-2026-48112",
          "url": "https://bugzilla.suse.com/1267864"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.aarch64",
            "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.ppc64le",
            "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.s390x",
            "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.x86_64",
            "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.aarch64",
            "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.s390x",
            "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.aarch64",
            "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.ppc64le",
            "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.s390x",
            "SUSE Linux Enterprise Server 16.0:7zip-26.01-160000.1.1.x86_64",
            "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.aarch64",
            "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.s390x",
            "SUSE Linux Enterprise Server for SAP applications 16.0:7zip-26.01-160000.1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-06-23T12:43:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2026-48112"
    }
  ]
}

