CVE-2011-4088

CVE-2011-4088 concerns ABRT, libreport, btparser, and python-meh. The connected evidence indicates the vulnerability enables disclosure of sensitive data from crash reports, due to how ABRT handles crash data (e.g., core dumps and report contents) or related plugins. Affected components include a...

CVE-2015-1862

CVE-2015-1862 describes a local privilege-escalation in ABRT’s crash reporting. The vulnerability arises when ABRT’s crash-handler code performs an execve after a chroot into a user-specified directory within a named-space; a race condition/symlink handling flaw can allow a local user to influenc...

CVE-2026-54231

CVE-2026-54231 affects ABRT’s post-create event handler scripts in libreport. The event script reads journal entries for the crashed process and writes results to files in the dump directory without sanitizing embedded control characters. A local user can inject arbitrary content into the journal...

CVE-2026-54230

CVE-2026-54230 describes a symlink-following vulnerability in ABRT’s libreport post-create event handler scripts. The scripts write output via shell redirections without O_NOFOLLOW, so if a target file is replaced with a symlink, a root process can overwrite arbitrary files on the system. This is...