CVE-2026-4878
PUBLISHED
CVSS 6.7 MEDIUM
A flaw was found in libcap. A local unprivileged user can exploit a Time-of-check-to-time-of-use (TOCTOU) race condition in the `cap_set_file()` function. This allows an attacker with write access to a parent directory to redirect file capability updates to an attacker-controlled file. By doing so, capabilities can be injected into or stripped from unintended executables, leading to privilege escalation.
EPSS 0.01% · 2.5th percentile
Risk Scores
CVSS v3.1
6.7
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
EPSS Score
0.01%
2.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | Red Hat Enterprise Linux 8 | |
| Red Hat | Red Hat Enterprise Linux 6 | |
| Red Hat | Red Hat OpenShift Container Platform 4 | |
| Red Hat | Red Hat Enterprise Linux 7 | |
| Red Hat | Red Hat Enterprise Linux 9 | |
| Red Hat | Red Hat Hardened Images | |
| Red Hat | Red Hat Enterprise Linux 10 | |
Timeline
- Apr 9, 2026 CVE Published
- Apr 10, 2026 EPSS Score
- Apr 10, 2026 Security Advisory
- Apr 26, 2026 Distribution Patch
- Apr 26, 2026 Security Advisory
- Apr 30, 2026 Distribution Patch
- Apr 30, 2026 Security Advisory
- May 1, 2026 Distribution Patch
- May 1, 2026 Security Advisory
- May 3, 2026 Distribution Patch
- May 3, 2026 Distribution Patch
- May 4, 2026 Distribution Patch
References
- https://access.redhat.com/security/cve/CVE-2026-4878 vdb
- https://bugzilla.redhat.com/show_bug.cgi?id=2447554 url
- RHBZ#2451615 issue
- http://www.openwall.com/lists/oss-security/2026/04/07/4 url
- http://www.openwall.com/lists/oss-security/2026/04/07/14 url
- http://www.openwall.com/lists/oss-security/2026/04/08/9 url
- http://www.openwall.com/lists/oss-security/2026/04/09/5 url
- http://www.openwall.com/lists/oss-security/2026/04/09/6 url
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37451 advisory
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37445 advisory
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37460 advisory
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37449 advisory
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37450 advisory
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37466 advisory
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37468 advisory
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37444 advisory
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37461 advisory
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37459 advisory
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37446 advisory
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37465 advisory
…and 6 more