CVE-2026-58302

HIGH

LinuxCNC < 2.9.9 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Title source: rule
STIX 2.1

Description

rtapi_app in linuxcnc-uspace in LinuxCNC before 2.9.9 allows privilege escalation. It is installed SUID root and loads shared library modules via dlopen() by using a user-supplied module name. Insufficient validation of the module name allows path traversal, enabling an unprivileged local user to load an arbitrary shared library. Because the process retains elevated privileges during module loading, this results in local privilege escalation to root.

Scores

CVSS v3 8.4
EPSS 0.0015
EPSS Percentile 4.8%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-22
Status published
Products (1)
LinuxCNC/LinuxCNC < 2.9.9
Published Jun 30, 2026
Tracked Since Jun 30, 2026