11 matches found
PT-2026-49073
Name of the Vulnerable Software and Affected Versions abrt-dbus affected versions not specified Description A time-of-check time-of-use TOCTOU race condition exists in the SetElement method of the abrt-dbus D-Bus service. A TOCTOU race condition occurs when a program checks a condition such as a...
abrt: Command-injection in ABRT leading to local privilege escalation
A flaw was found in the ABRT daemon’s handling of user-supplied mount information.ABRT copies up to 12 characters from an untrusted input and places them directly into a shell command docker inspect %s without proper validation. An unprivileged local user can craft a payload that injects shell...
abrt: Command-injection in ABRT leading to local privilege escalation
A flaw was found in the ABRT daemon’s handling of user-supplied mount information.ABRT copies up to 12 characters from an untrusted input and places them directly into a shell command docker inspect %s without proper validation. An unprivileged local user can craft a payload that injects shell...
SUSE CVE-2025-12744
A flaw was found in the ABRT daemon's handling of user-supplied mount information.ABRT copies up to 12 characters from an untrusted input and places them directly into a shell command docker inspect %s without proper validation. An unprivileged local user can craft a payload that injects shell...
abrt: Command-injection in ABRT leading to local privilege escalation
A flaw was found in the ABRT daemon’s handling of user-supplied mount information.ABRT copies up to 12 characters from an untrusted input and places them directly into a shell command docker inspect %s without proper validation. An unprivileged local user can craft a payload that injects shell...
Linux Distros Unpatched Vulnerability : CVE-2025-12744
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the ABRT daemon's handling of user-supplied mount information.ABRT copies up to 12 characters from an untrusted input and places them direct...
CVE-2025-12744
A flaw was found in the ABRT daemon’s handling of user-supplied mount information.ABRT copies up to 12 characters from an untrusted input and places them directly into a shell command docker inspect %s without proper validation. An unprivileged local user can craft a payload that injects shell...
CVE-2025-12744 Abrt: command-injection in abrt leading to local privilege escalation
A flaw was found in the ABRT daemon’s handling of user-supplied mount information.ABRT copies up to 12 characters from an untrusted input and places them directly into a shell command docker inspect %s without proper validation. An unprivileged local user can craft a payload that injects shell...
CVE-2025-12744 Abrt: command-injection in abrt leading to local privilege escalation
A flaw was found in the ABRT daemon’s handling of user-supplied mount information.ABRT copies up to 12 characters from an untrusted input and places them directly into a shell command docker inspect %s without proper validation. An unprivileged local user can craft a payload that injects shell...
CVE-2025-12744
ABRT daemon contains a flaw in handling user-supplied mount information: it copies up to 12 characters from untrusted input into a shell command (docker inspect %s) without proper validation, allowing a local unprivileged user to inject shell metacharacters and cause the root-running ABRT process...
ABRT/sosreport privilege elevation
Added: 12/14/2015 CVE: CVE-2015-5287 Background The Automatic Bug Reporting Tool ABRT is an application that runs as a daemon on some Linux systems. ABRT collects relevant crash data when another application crashes and can report it to a relevant issue tracker for analysis. After saving some...