Уязвимость CVE-2026-26158

Релиз	Статус	Примечание
devel	needs-triage
esm-infra-legacy/trusty	needs-triage
esm-infra/bionic	needs-triage
esm-infra/focal	needs-triage
esm-infra/xenial	needs-triage
jammy	needs-triage
noble	needs-triage
questing	needs-triage
upstream	needs-triage

CVE-2026-26158

CVSS3: 7

redhat

около 2 месяцев назад

A flaw was found in BusyBox. This vulnerability allows an attacker to modify files outside of the intended extraction directory by crafting a malicious tar archive containing unvalidated hardlink or symlink entries. If the tar archive is extracted with elevated privileges, this flaw can lead to privilege escalation, enabling an attacker to gain unauthorized access to critical system files.

CVE-2026-26158

CVSS3: 7

nvd

около 1 месяца назад

A flaw was found in BusyBox. This vulnerability allows an attacker to modify files outside of the intended extraction directory by crafting a malicious tar archive containing unvalidated hardlink or symlink entries. If the tar archive is extracted with elevated privileges, this flaw can lead to privilege escalation, enabling an attacker to gain unauthorized access to critical system files.

CVE-2026-26158

CVSS3: 7

debian

около 1 месяца назад

A flaw was found in BusyBox. This vulnerability allows an attacker to ...

GHSA-r8f8-4pgh-4m8v

CVSS3: 7

github

около 1 месяца назад

A flaw was found in BusyBox. This vulnerability allows an attacker to modify files outside of the intended extraction directory by crafting a malicious tar archive containing unvalidated hardlink or symlink entries. If the tar archive is extracted with elevated privileges, this flaw can lead to privilege escalation, enabling an attacker to gain unauthorized access to critical system files.

SUSE-SU-2026:0759-1

suse-cvrf

25 дней назад

Security update for busybox

exploitDog

CVE-2026-26158

Описание

Ссылки на источники

Связанные уязвимости

CVE-2026-26158

Описание

Пакет busybox

Ссылки на источники

Связанные уязвимости