Description
In the Linux kernel, the following vulnerability has been resolved: audit: add missing syscalls to read class The "at" variant of getxattr() and listxattr() are missing from the audit read class. Calling getxattrat() or listxattrat() on a file to read its extended attributes will bypass audit rules such as: -w /tmp/test -p rwa -k test_rwa The current patch adds missing syscalls to the audit read class.
References (9)
Core 9
Core References
Scores
CVSS v3
5.5
EPSS
0.0002
EPSS Percentile
4.5%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Details
Status
published
Products (25)
linux/Kernel
6.13.0 - 6.18.16linux
linux/Kernel
6.19.0 - 6.19.6linux
Linux/Linux
< 6.13
Linux/Linux
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 33cdef7ecf6e5d2cf46a35ec26befce072a1aa07
Linux/Linux
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 5632d14b2f2a0ade2d0068e12676ebed67e3bb2a
Linux/Linux
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - a2e8c144299c31d3972295ed80d4cb908daf4f6f
Linux/Linux
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - ad37505ce869a8100ff23f24eea117de7a7516bf
Linux/Linux
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - ada4bba3afefee1fa68aa6bd1fd597ea4b11a16e
Linux/Linux
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - bcb90a2834c7393c26df9609b889a3097b7700cd
Linux/Linux
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - ed8efd623a5738e03de09dd74b505d0fb77b09f3
... and 15 more
Published
Mar 17, 2026
Tracked Since
Mar 17, 2026