CVE-2026-23241

Published: 17 Mar 2026
Source: redhat
CVSS3: 5.1
EPSS: Low

Description

No description is available for this CVE.

Report

Audit rules for the read class could be bypassed because getxattrat and listxattrat were not included in the audit read syscall set. A local process can read extended attributes using the at variants and avoid triggering audit watches such as file path rules configured for reads. The impact is limited to reduced security monitoring and potential evasion of audit-based detection and compliance controls.

Affected packages

| Platform | Package | State | Recommendation | Release |
|---|---|---|---|---|
| Red Hat Enterprise Linux 10 | kernel | Fix deferred | | |
| Red Hat Enterprise Linux 6 | kernel | Out of support scope | | |
| Red Hat Enterprise Linux 7 | kernel | Fix deferred | | |
| Red Hat Enterprise Linux 7 | kernel-rt | Fix deferred | | |
| Red Hat Enterprise Linux 8 | kernel | Fix deferred | | |
| Red Hat Enterprise Linux 8 | kernel-rt | Fix deferred | | |
| Red Hat Enterprise Linux 9 | kernel | Fix deferred | | |
| Red Hat Enterprise Linux 9 | kernel-rt | Fix deferred | | |

Additional information

Status: Moderate
Weakness: CWE-693
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2448335 (kernel: audit: add missing syscalls to read class)

EPSS

Percentile: 6%
0.00023
Low

CVSS3: 5.1 Medium

Related vulnerabilities

ubuntu
11 days ago

[audit: add missing syscalls to read class]

nvd
10 days ago

In the Linux kernel, the following vulnerability has been resolved:

audit: add missing syscalls to read class

The "at" variant of getxattr() and listxattr() are missing from the audit read class. Calling getxattrat() or listxattrat() on a file to read its extended attributes will bypass audit rules such as:

    -w /tmp/test -p rwa -k test_rwa

The current patch adds missing syscalls to the audit read class.

CVSS3: 5.5
msrc
10 days ago

audit: add missing syscalls to read class

debian
10 days ago

In the Linux kernel, the following vulnerability has been resolved: a ...

github
10 days ago

In the Linux kernel, the following vulnerability has been resolved:

audit: add missing syscalls to read class

The "at" variant of getxattr() and listxattr() are missing from the audit read class. Calling getxattrat() or listxattrat() on a file to read its extended attributes will bypass audit rules such as:

    -w /tmp/test -p rwa -k test_rwa

The current patch adds missing syscalls to the audit read class.
