5.5

CVE-2026-11819

Community.general: community.general keyring_info — os keyring passphrase returned in plaintext

Module: plugins/modules/keyring_info.py 

CVSS 3.1: 5.5 MEDIUM — AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 

Issue: The module retrieves a passphrase from the OS native keyring (GNOME Keyring, macOS Keychain, Windows Credential Manager) and places it directly into result["passphrase"] with no output suppression, no no_log protection, and no documentation warning. 

Root Cause:

Line 105 (protected): keyring_password=dict(type="str", required=True, no_log=True)
Line 127 (NOT protected): result["passphrase"] = passphrase

Observed Output:

{
"changed": false,
"passphrase": "MyMasterP@ssw0rd!SSH_Key_Secret"
}
Visible via register + debug:
{
"keyring_result": {
"changed": false,
"passphrase": "MyMasterP@ssw0rd!SSH_Key_Secret"
}
}

Impact: 

Master passwords, SSH key passphrases and service credentials appear in all Ansible output 

register: keyring_result followed by debug: var=keyring_result prints passphrase in full 

Ansible fact caching backends (Redis, JSON file, memcached) may persist the passphrase 

AWX/Tower job logs silently store the live credential

Fix:

module.exit_json(changed=False, passphrase=passphrase, _ansible_no_log=True)

Also add a documentation warning requiring callers to use no_log: true at the task level.

PoCs


Fig 1: PoC execution showing passphrase in plaintext output


Fig 2: Source code showing no_log=True on input (line 105) vs unprotected output (line 127)
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
RedhatEnterprise Linux Version10.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.12% 0.023
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
secalert@redhat.com 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CWE-532 Insertion of Sensitive Information into Log File

The product writes sensitive information to a log file.

https://bugzilla.redhat.com/show_bug.cgi?id=2487251
Vendor Advisory
Issue Tracking
https://access.redhat.com/security/cve/cve-2026-11819
Vendor Advisory