Synopsis
The remote Amazon Linux 2023 host is missing a security update.
Description
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1798 advisory.
A flaw was found in libsolv. A stack-based buffer overflow vulnerability exists in the PGP verification component due to incorrect length handling when copying EdDSA 's' MPI into a stack buffer. A remote attacker could craft a malicious Ed25519 PGP signature with mismatched MPI lengths. Processing this crafted signature could lead to a denial of service in automated package or repository processing workflows. (CVE-2026-48863)
A flaw was found in libsolv. This heap buffer overflow occurs during the decompression of attacker-controlled compressed data within `.solv` files due to insufficient input validation. An attacker can provide a specially crafted `.solv` file, which, when processed by a vulnerable application, can lead to out-of-bounds memory access. This could result in information disclosure, alteration of program execution, or a denial of service. (CVE-2026-48864)
A flaw was found in libsolv. This heap buffer overflow vulnerability occurs when a victim processes a specially crafted .solv file containing negative size values in the repo_add_solv function. This leads to an undersized memory allocation and a subsequent out-of-bounds write. An attacker could exploit this to cause a denial of service (DoS). (CVE-2026-9149)
A flaw was found in libsolv. This stack-based buffer overflow vulnerability occurs in libsolv's Debian metadata parser when processing specially crafted Debian repository metadata. An attacker could exploit this by providing malicious SHA384 or SHA512 checksum tags, leading to memory corruption and a denial of service (DoS) in the affected system. (CVE-2026-9150)
Tenable has extracted the preceding description block directly from the tested product security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Run 'dnf update libsolv --releasever 2023.12.20260608' or 'dnf update --advisory ALAS2023-2026-1798 --releasever 2023.12.20260608' to update your system.
Plugin Details
File Name: al2023_ALAS2023-2026-1798.nasl
Agent: unix
Supported Sensors: Continuous Assessment, Nessus Agent, Nessus
Risk Information
Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C
Vulnerability Information
CPE: p-cpe:/a:amazon:linux:libsolv-tools-debuginfo, p-cpe:/a:amazon:linux:python3-solv-debuginfo, p-cpe:/a:amazon:linux:libsolv-devel, p-cpe:/a:amazon:linux:libsolv-demo-debuginfo, p-cpe:/a:amazon:linux:perl-solv, p-cpe:/a:amazon:linux:ruby-solv, p-cpe:/a:amazon:linux:ruby-solv-debuginfo, p-cpe:/a:amazon:linux:libsolv-debugsource, p-cpe:/a:amazon:linux:libsolv-demo, p-cpe:/a:amazon:linux:perl-solv-debuginfo, p-cpe:/a:amazon:linux:libsolv-tools, p-cpe:/a:amazon:linux:python3-solv, p-cpe:/a:amazon:linux:libsolv, cpe:/o:amazon:linux:2023, p-cpe:/a:amazon:linux:libsolv-debuginfo
Required KB Items: Host/local_checks_enabled, Host/AmazonLinux/release, Host/AmazonLinux/rpm-list
Exploit Ease: Exploits are available
Patch Publication Date: 6/8/2026
Vulnerability Publication Date: 5/20/2026