Synopsis:
libcap security update

Summary:
An update for libcap is now available for openEuler-22.03-LTS-SP4, openEuler-24.03-LTS, openEuler-24.03-LTS-SP1, openEuler-24.03-LTS-SP2, openEuler-24.03-LTS-SP3, openEuler-20.03-LTS-SP4.

Description:
This is a library for getting and setting POSIX.1e (formerly POSIX 6) draft 15 capabilities.

Security Fix(es):
A flaw was found in libcap. A local unprivileged user can exploit a time-of-check to time-of-use (TOCTOU) race condition in the cap_set_file() function. This allows an attacker with write access to a parent directory to redirect file capability updates to an attacker-controlled file. By doing so, capabilities can be injected into or stripped from unintended executables, leading to privilege escalation. (CVE-2026-4878)

Topic:
An update for libcap is now available for openEuler-22.03-LTS-SP4, openEuler-24.03-LTS, openEuler-24.03-LTS-SP1, openEuler-24.03-LTS-SP2, openEuler-24.03-LTS-SP3, openEuler-20.03-LTS-SP4.

openEuler Security has rated this update as having a security impact of medium. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Severity:
Medium

Affected Component:
libcap
2.32-10.oe2003sp4
2.61-11.oe2203sp4

Exploitability:
AV:L AC:H PR:L UI:R

Scope:
S:U

Impact:
C:H I:H A:H

CVSS base score:
6.7 (CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H)
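
The check-then-use pattern behind the TOCTOU class named under Security Fix(es), shown beside a descriptor-based alternative; this is an added example, not libcap's code or the upstream fix. `chmod`/`fchmod` stand in for the capability write so it runs unprivileged, and the function names, the `between` hook and the /tmp paths are assumptions made for the illustration.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

typedef void (*hook_fn)(void);      /* test hook standing in for a concurrent directory change */
static char target[96], other[96];  /* constructed sample paths, filled in by run_case() */

/* Racy shape: the path is resolved twice, for the check and again for the update. */
int update_by_path(const char *path, mode_t mode, hook_fn between) {
    struct stat st;
    if (lstat(path, &st) != 0 || !S_ISREG(st.st_mode)) return -1;
    if (between) between();
    return chmod(path, mode);       /* second lookup can reach a different inode */
}

/* Hardened shape: resolve once, then check and update that same open file. */
int update_by_fd(const char *path, mode_t mode, hook_fn between) {
    struct stat st;
    int rc = -1, fd = open(path, O_RDONLY | O_NOFOLLOW | O_NONBLOCK | O_CLOEXEC);
    if (fd < 0) return -1;
    if (fstat(fd, &st) == 0 && S_ISREG(st.st_mode)) {
        if (between) between();
        rc = fchmod(fd, mode);      /* acts on the inode that was checked */
    }
    close(fd);
    return rc;
}
void swap_in_other(void) { rename(other, target); }

/* Mode of the file left at `target` after a 0600 update interrupted by the swap. */
mode_t run_case(int (*update)(const char *, mode_t, hook_fn)) {
    char dir[] = "/tmp/toctou-XXXXXX";
    struct stat st;
    if (!mkdtemp(dir)) return 0;
    snprintf(target, sizeof target, "%s/target", dir);
    snprintf(other, sizeof other, "%s/other", dir);
    close(open(target, O_CREAT | O_WRONLY, 0644));
    close(open(other, O_CREAT | O_WRONLY, 0644));
    chmod(target, 0644); chmod(other, 0644);   /* start state independent of umask */
    update(target, 0600, swap_in_other);
    mode_t m = stat(target, &st) ? 0 : (st.st_mode & 0777);
    unlink(target); rmdir(dir);
    return m;
}
int main(void) {
    return printf("by path: %o, by fd: %o\n", (unsigned)run_case(update_by_path), (unsigned)run_case(update_by_fd)) < 0;
}
```

With the path-based update the file swapped in at `target` receives the new mode; with the descriptor-based update it keeps its original mode because the change lands on the inode that was checked.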