CVE-2026-4878
MEDIUMLibcap: libcap: privilege escalation via toctou race condition in cap_set_file()
Title source: cnaDescription
A flaw was found in libcap. A local unprivileged user can exploit a Time-of-check-to-time-of-use (TOCTOU) race condition in the `cap_set_file()` function. This allows an attacker with write access to a parent directory to redirect file capability updates to an attacker-controlled file. By doing so, capabilities can be injected into or stripped from unintended executables, leading to privilege escalation.
References (11)
Scores
CVSS v3
6.7
EPSS
0.0001
EPSS Percentile
0.8%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-367
Status
published
Products (15)
libcap_project/libcap
Red Hat/Red Hat Enterprise Linux 10
Red Hat/Red Hat Enterprise Linux 10
0:2.69-7.el10_1.1
Red Hat/Red Hat Enterprise Linux 6
Red Hat/Red Hat Enterprise Linux 7
Red Hat/Red Hat Enterprise Linux 8
Red Hat/Red Hat Enterprise Linux 9
Red Hat/Red Hat Enterprise Linux 9
0:2.48-10.el9_7.1
Red Hat/Red Hat Hardened Images
Red Hat/Red Hat Hardened Images
2.78-1.1.hum1
... and 5 more
Published
Apr 09, 2026
Tracked Since
Apr 09, 2026