CVE-2026-23241

Опубликовано: 17 мар. 2026

Источник: nvd

EPSS Низкий

Описание

In the Linux kernel, the following vulnerability has been resolved:

audit: add missing syscalls to read class

The "at" variant of getxattr() and listxattr() are missing from the audit read class. Calling getxattrat() or listxattrat() on a file to read its extended attributes will bypass audit rules such as:

-w /tmp/test -p rwa -k test_rwa

The current patch adds missing syscalls to the audit read class.

Ссылки

EPSS

Процентиль: 6%

0.00023

Низкий

Дефекты

Связанные уязвимости

CVE-2026-23241

ubuntu

11 дней назад

[audit: add missing syscalls to read class]

CVE-2026-23241

CVSS3: 5.1

redhat

11 дней назад

No description is available for this CVE.

CVE-2026-23241

CVSS3: 5.5

msrc

10 дней назад

audit: add missing syscalls to read class

CVE-2026-23241

debian

10 дней назад

In the Linux kernel, the following vulnerability has been resolved: a ...

GHSA-c2fm-fx6j-95j7

github

10 дней назад

In the Linux kernel, the following vulnerability has been resolved: audit: add missing syscalls to read class The "at" variant of getxattr() and listxattr() are missing from the audit read class. Calling getxattrat() or listxattrat() on a file to read its extended attributes will bypass audit rules such as: -w /tmp/test -p rwa -k test_rwa The current patch adds missing syscalls to the audit read class.

EPSS

Процентиль: 6%

0.00023

Низкий