7.5

CVE-2026-6893

Dracut: dracut: root code execution via dhcp options command injection

A flaw was found in dracut. A remote attacker on the adjacent network can exploit this vulnerability by providing specially crafted DHCP (Dynamic Host Configuration Protocol) options, such as a malicious hostname, to a system using dracut's legacy DHCP path. These options are improperly handled and written into temporary shell scripts without proper escaping, leading to command injection. This allows the attacker to achieve root code execution within the initramfs, potentially compromising the system's boot and network behavior.
Daten sind bereitgestellt durch das CVE Programm von Authorized Data Publishers (ADP) (Unstrukturiert)
HerstellerRed Hat
Produkt Red Hat Enterprise Linux AppStream (v. 10)
Default Statusaffected
HerstellerRed Hat
Produkt Red Hat Enterprise Linux AppStream (v. 9)
Default Statusaffected
HerstellerRed Hat
Produkt Red Hat Enterprise Linux BaseOS (v. 10)
Default Statusaffected
HerstellerRed Hat
Produkt Red Hat Enterprise Linux BaseOS (v. 8)
Default Statusaffected
HerstellerRed Hat
Produkt Red Hat Enterprise Linux BaseOS (v. 9)
Default Statusaffected
HerstellerRed Hat
Produkt Red Hat Hardened Images
Default Statusaffected
HerstellerRed Hat
Produkt Red Hat Enterprise Linux 6
Default Statusaffected
HerstellerRed Hat
Produkt Red Hat Enterprise Linux 7
Default Statusaffected
HerstellerRed Hat
Produkt Red Hat OpenShift Container Platform 4
Default Statusaffected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.13% 0.622
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
secalert@redhat.com 7.5 1.6 5.9
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
0b0ca135-0b70-47e7-9f44-1890c2a1c46c 7.5 1.6 5.9
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

https://access.redhat.com/security/cve/CVE-2026-6893
https://bugzilla.redhat.com/show_bug.cgi?id=2459963
https://access.redhat.com/errata/RHSA-2026:26532
https://access.redhat.com/errata/RHSA-2026:26533
https://access.redhat.com/errata/RHSA-2026:26534
https://access.redhat.com/errata/RHSA-2026:26713
https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-6893.json