7 matches found
DEBIAN-CVE-2026-11837
A local privilege escalation vulnerability was found in the ansible.posix authorizedkey module. The module's keyfile function uses os.chown instead of os.lchown and opens files without ONOFOLLOW when managing SSH authorized keys. An unprivileged local user can pre-stage symbolic links in their...
CVE-2026-11837
A local privilege escalation vulnerability was found in the ansible.posix authorizedkey module. The module's keyfile function uses os.chown instead of os.lchown and opens files without ONOFOLLOW when managing SSH authorized keys. An unprivileged local user can pre-stage symbolic links in their...
CVE-2026-11837 Ansible-collection-ansible-posix: ansible.posix authorized_key: local privilege escalation via symlink-following chown
A local privilege escalation vulnerability was found in the ansible.posix authorizedkey module. The module's keyfile function uses os.chown instead of os.lchown and opens files without ONOFOLLOW when managing SSH authorized keys. An unprivileged local user can pre-stage symbolic links in their...
CVE-2026-11837
CVE-2026-11837 describes a local privilege escalation in the ansible.posix authorized_key module. The keyfile() function uses os.chown() instead of os.lchown() and opens files without O_NOFOLLOW when handling SSH authorized keys. An unprivileged local user can pre-stage symbolic links in their ~/...
CVE-2026-11837
A local privilege escalation vulnerability was found in the ansible.posix authorizedkey module. The module's keyfile function uses os.chown instead of os.lchown and opens files without ONOFOLLOW when managing SSH authorized keys. An unprivileged local user can pre-stage symbolic links in their...
CVE-2026-11837
A local privilege escalation vulnerability was found in the ansible.posix authorizedkey module. The module's keyfile function uses os.chown instead of os.lchown and opens files without ONOFOLLOW when managing SSH authorized keys. An unprivileged local user can pre-stage symbolic links in their...
PT-2026-48375
Name of the Vulnerable Software and Affected Versions ansible.posix affected versions not specified Description A local privilege escalation issue exists in the authorized key module. The keyfile function utilizes os.chown instead of os.lchown and opens files without the O NOFOLLOW flag when...