7
CVE-2026-4878
- EPSS 0.19%
- Veröffentlicht 09.04.2026 14:49:02
- Zuletzt bearbeitet 09.07.2026 18:16:52
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
Libcap: libcap: privilege escalation via toctou race condition in cap_set_file()
A flaw was found in libcap. A local unprivileged user can exploit a Time-of-check-to-time-of-use (TOCTOU) race condition in the `cap_set_file()` function. This allows an attacker with write access to a parent directory to redirect file capability updates to an attacker-controlled file. By doing so, capabilities can be injected into or stripped from unintended executables, leading to privilege escalation.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Libcap Project ≫ Libcap Version-
Redhat ≫ Openshift Container Platform Version4.0
Redhat ≫ Enterprise Linux Version8.0
Redhat ≫ Enterprise Linux Version9.0
Redhat ≫ Enterprise Linux Version10.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.19% | 0.085 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7 | 1 | 5.9 |
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| secalert@redhat.com | 6.7 | 0.8 | 5.9 |
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
|
| 0b0ca135-0b70-47e7-9f44-1890c2a1c46c | 6.7 | 0.8 | 5.9 |
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
|
CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition
The product checks the state of a resource before using that resource, but the resource's state can change between the check and the use in a way that invalidates the results of the check.
https://bugzilla.redhat.com/show_bug.cgi?id=2447554
https://bugzilla.redhat.com/show_bug.cgi?id=2451615
http://www.openwall.com/lists/oss-security/2026/04/07/14
http://www.openwall.com/lists/oss-security/2026/04/07/4
http://www.openwall.com/lists/oss-security/2026/04/08/9
http://www.openwall.com/lists/oss-security/2026/04/09/5
http://www.openwall.com/lists/oss-security/2026/04/09/6
https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4878.json
https://access.redhat.com/errata/RHSA-2026:14937
https://access.redhat.com/errata/RHSA-2026:21275
https://access.redhat.com/errata/RHSA-2026:25044
https://access.redhat.com/errata/RHSA-2026:25096
https://access.redhat.com/errata/RHSA-2026:25181
https://access.redhat.com/errata/RHSA-2026:26542
https://access.redhat.com/errata/RHSA-2026:28887
https://access.redhat.com/errata/RHSA-2026:30078
https://access.redhat.com/errata/RHSA-2026:30087
https://access.redhat.com/errata/RHSA-2026:30088
https://access.redhat.com/errata/RHSA-2026:30089
https://access.redhat.com/errata/RHSA-2026:22634
https://access.redhat.com/errata/RHSA-2026:14162
https://access.redhat.com/errata/RHSA-2026:29197
https://access.redhat.com/errata/RHSA-2026:27998
https://access.redhat.com/errata/RHSA-2026:12423
https://access.redhat.com/errata/RHSA-2026:12441
https://access.redhat.com/errata/RHSA-2026:13285
https://access.redhat.com/errata/RHSA-2026:19130
https://access.redhat.com/errata/RHSA-2026:19346
https://access.redhat.com/errata/RHSA-2026:19456
https://access.redhat.com/errata/RHSA-2026:19458
https://access.redhat.com/errata/RHSA-2026:20595
https://access.redhat.com/errata/RHSA-2026:21254
https://access.redhat.com/errata/RHSA-2026:22957
https://access.redhat.com/errata/RHSA-2026:23233
https://access.redhat.com/errata/RHSA-2026:23245
https://access.redhat.com/errata/RHSA-2026:24346
https://access.redhat.com/errata/RHSA-2026:34098
https://access.redhat.com/errata/RHSA-2026:7473
https://access.redhat.com/security/cve/CVE-2026-4878