CVE-2026-23241

ADVISORY - nist

Summary

In the Linux kernel, the following vulnerability has been resolved:

audit: add missing syscalls to read class

The "at" variant of getxattr() and listxattr() are missing from the audit read class. Calling getxattrat() or listxattrat() on a file to read its extended attributes will bypass audit rules such as:

-w /tmp/test -p rwa -k test_rwa

The current patch adds missing syscalls to the audit read class.

EPSS Score: 0.00125 (0.026)

Common Weakness Enumeration (CWE)

ADVISORY - nist
ADVISORY - redhat

Protection Mechanism Failure


Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.

Sign in