Описание
ELSA-2025-22760: abrt security update (IMPORTANT)
[2.10.9-25.0.1]
- Replaces sosreport to sos report in sosreport-event.conf [Orabug: 38590929]
- abrt-dump-oops-Fix-vmcore-call-trace-parsing-arm [Orabug: 34184473]
- Disable autoreporting on Oracle Linux [Orabug: 32890748]
- Add orabug32082455-Upstream_reference_in_python3-abrt-addon.patch [Orabug: 32082455]
- Add bug29870394-fix-redhat-reference.patch [Orabug: 29870394]
- Drop libreport-rhel and libreport-plugin-rhtsupport requires
[2.10.9-25.openela.0.1]
- Remove RHT patches
[2.10.9-25]
- a-a-save-container-data: validate input
- Resolves: CVE-2025-12744
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
abrt
2.10.9-25.0.1.el8_10
abrt-addon-ccpp
2.10.9-25.0.1.el8_10
abrt-addon-coredump-helper
2.10.9-25.0.1.el8_10
abrt-addon-kerneloops
2.10.9-25.0.1.el8_10
abrt-addon-pstoreoops
2.10.9-25.0.1.el8_10
abrt-addon-vmcore
2.10.9-25.0.1.el8_10
abrt-addon-xorg
2.10.9-25.0.1.el8_10
abrt-cli
2.10.9-25.0.1.el8_10
abrt-cli-ng
2.10.9-25.0.1.el8_10
abrt-console-notification
2.10.9-25.0.1.el8_10
abrt-dbus
2.10.9-25.0.1.el8_10
abrt-desktop
2.10.9-25.0.1.el8_10
abrt-gui
2.10.9-25.0.1.el8_10
abrt-gui-libs
2.10.9-25.0.1.el8_10
abrt-libs
2.10.9-25.0.1.el8_10
abrt-plugin-machine-id
2.10.9-25.0.1.el8_10
abrt-plugin-sosreport
2.10.9-25.0.1.el8_10
abrt-tui
2.10.9-25.0.1.el8_10
python3-abrt
2.10.9-25.0.1.el8_10
python3-abrt-addon
2.10.9-25.0.1.el8_10
python3-abrt-container-addon
2.10.9-25.0.1.el8_10
python3-abrt-doc
2.10.9-25.0.1.el8_10
Oracle Linux x86_64
abrt
2.10.9-25.0.1.el8_10
abrt-addon-ccpp
2.10.9-25.0.1.el8_10
abrt-addon-coredump-helper
2.10.9-25.0.1.el8_10
abrt-addon-kerneloops
2.10.9-25.0.1.el8_10
abrt-addon-pstoreoops
2.10.9-25.0.1.el8_10
abrt-addon-vmcore
2.10.9-25.0.1.el8_10
abrt-addon-xorg
2.10.9-25.0.1.el8_10
abrt-cli
2.10.9-25.0.1.el8_10
abrt-cli-ng
2.10.9-25.0.1.el8_10
abrt-console-notification
2.10.9-25.0.1.el8_10
abrt-dbus
2.10.9-25.0.1.el8_10
abrt-desktop
2.10.9-25.0.1.el8_10
abrt-gui
2.10.9-25.0.1.el8_10
abrt-gui-libs
2.10.9-25.0.1.el8_10
abrt-libs
2.10.9-25.0.1.el8_10
abrt-plugin-machine-id
2.10.9-25.0.1.el8_10
abrt-plugin-sosreport
2.10.9-25.0.1.el8_10
abrt-tui
2.10.9-25.0.1.el8_10
python3-abrt
2.10.9-25.0.1.el8_10
python3-abrt-addon
2.10.9-25.0.1.el8_10
python3-abrt-container-addon
2.10.9-25.0.1.el8_10
python3-abrt-doc
2.10.9-25.0.1.el8_10
Связанные CVE
Связанные уязвимости
A flaw was found in the ABRT daemon’s handling of user-supplied mount information.ABRT copies up to 12 characters from an untrusted input and places them directly into a shell command (docker inspect %s) without proper validation. An unprivileged local user can craft a payload that injects shell metacharacters, causing the root-running ABRT process to execute attacker-controlled commands and ultimately gain full root privileges.
A flaw was found in the ABRT daemon’s handling of user-supplied mount information.ABRT copies up to 12 characters from an untrusted input and places them directly into a shell command (docker inspect %s) without proper validation. An unprivileged local user can craft a payload that injects shell metacharacters, causing the root-running ABRT process to execute attacker-controlled commands and ultimately gain full root privileges.