CVE-2026-54230 – Abrt: event handler scripts follow symlinks when writing output files, allowing arbitrary file overwrites

CVE ID :CVE-2026-54230

Published : June 13, 2026, 3:16 a.m. | 33 minutes ago

Description :A symlink following vulnerability was found in the ABRT post-create event handler scripts in libreport. Event scripts write output files using shell redirections without the O_NOFOLLOW flag. If the target file is replaced with a symlink, the shell process running as root follows the symlink and writes content to the symlink target, allowing arbitrary file overwrites on the system.

Severity: 7.0 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

نوشته های مشابه

CVE-2026-9848 – WP Ticket

CVE-2026-54231 – Abrt: unsanitized systemd journal content written to dump directory files enables content injection

CVE-2026-54229 – Abrt: chownproblemdir succeeds during active post-create event processing due to inadequate locking

CVE-2026-54228 – Abrt: toctou race condition in abrt-dbus setelement allows arbitrary file writes to dump directories