Medium severity 6.7 · NVD Advisory · Published Apr 9, 2026 · Updated Jun 11, 2026
CVE-2026-4878
Description
A flaw was found in libcap. A local unprivileged user can exploit a Time-of-check-to-time-of-use (TOCTOU) race condition in the cap_set_file() function. This allows an attacker with write access to a parent directory to redirect file capability updates to an attacker-controlled file. By doing so, capabilities can be injected into or stripped from unintended executables, leading to privilege escalation.
Affected products (28)
- cpe:2.3:a:libcap_project:libcap:-:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
- osv-coords (23 versions):
  - pkg:rpm/almalinux/libcap (no CPE), range: < 2.69-7.el10_1.1
  - pkg:rpm/almalinux/libcap-devel (no CPE), range: < 2.69-7.el10_1.1
  - pkg:rpm/opensuse/libcap&distro=openSUSE%20Leap%2016.0 (no CPE), range: < 2.73-160000.3.1
  - pkg:rpm/opensuse/libcap&distro=openSUSE%20Tumbleweed (no CPE), range: < 2.78-1.1
  - pkg:rpm/suse/libcap&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOS (no CPE), range: < 2.63-150400.3.6.1
  - pkg:rpm/suse/libcap&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSS (no CPE), range: < 2.63-150400.3.6.1
  - pkg:rpm/suse/libcap&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOS (no CPE), range: < 2.63-150400.3.6.1
  - pkg:rpm/suse/libcap&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSS (no CPE), range: < 2.63-150400.3.6.1
  - pkg:rpm/suse/libcap&distro=SUSE%20Linux%20Enterprise%20Micro%205.3 (no CPE), range: < 2.63-150400.3.6.1
  - pkg:rpm/suse/libcap&distro=SUSE%20Linux%20Enterprise%20Micro%205.4 (no CPE), range: < 2.63-150400.3.6.1
  - pkg:rpm/suse/libcap&distro=SUSE%20Linux%20Enterprise%20Micro%205.5 (no CPE), range: < 2.63-150400.3.6.1
  - pkg:rpm/suse/libcap&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7 (no CPE), range: < 2.63-150400.3.6.1
  - pkg:rpm/suse/libcap&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5-LTSS (no CPE), range: < 2.26-14.12.1
  - pkg:rpm/suse/libcap&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSS (no CPE), range: < 2.63-150400.3.6.1
  - pkg:rpm/suse/libcap&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSS (no CPE), range: < 2.63-150400.3.6.1
  - pkg:rpm/suse/libcap&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP6-LTSS (no CPE), range: < 2.63-150400.3.6.1
  - pkg:rpm/suse/libcap&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4 (no CPE), range: < 2.63-150400.3.6.1
  - pkg:rpm/suse/libcap&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5 (no CPE), range: < 2.63-150400.3.6.1
  - pkg:rpm/suse/libcap&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP6 (no CPE), range: < 2.63-150400.3.6.1
  - pkg:rpm/suse/libcap&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5 (no CPE), range: < 2.26-14.12.1
  - pkg:rpm/suse/libcap&distro=SUSE%20Linux%20Micro%206.0 (no CPE), range: < 2.69-3.1
  - pkg:rpm/suse/libcap&distro=SUSE%20Linux%20Micro%206.1 (no CPE), range: < 2.69-slfo.1.1_2.1
  - pkg:rpm/suse/libcap&distro=SUSE%20Linux%20Micro%206.2 (no CPE), range: < 2.73-160000.3.1
References (27)
- www.openwall.com/lists/oss-security/2026/04/09/5 (nvd; Exploit, Mailing List, Third Party Advisory)
- www.openwall.com/lists/oss-security/2026/04/09/6 (nvd; Exploit, Mailing List, Third Party Advisory)
- www.openwall.com/lists/oss-security/2026/04/07/14 (nvd; Mailing List, Third Party Advisory)
- www.openwall.com/lists/oss-security/2026/04/07/4 (nvd; Mailing List, Third Party Advisory)
- www.openwall.com/lists/oss-security/2026/04/08/9 (nvd; Mailing List, Third Party Advisory)
- access.redhat.com/errata/RHSA-2026:7473 (nvd; Vendor Advisory)
- access.redhat.com/security/cve/CVE-2026-4878 (nvd; Vendor Advisory)
- bugzilla.redhat.com/show_bug.cgi (nvd; Issue Tracking, Vendor Advisory)
- bugzilla.redhat.com/show_bug.cgi (nvd; Permissions Required)
- access.redhat.com/errata/RHSA-2026:12423 (nvd)
- access.redhat.com/errata/RHSA-2026:12441 (nvd)
- access.redhat.com/errata/RHSA-2026:13285 (nvd)
- access.redhat.com/errata/RHSA-2026:14162 (nvd)
- access.redhat.com/errata/RHSA-2026:14937 (nvd)
- access.redhat.com/errata/RHSA-2026:19130 (nvd)
- access.redhat.com/errata/RHSA-2026:19346 (nvd)
- access.redhat.com/errata/RHSA-2026:19456 (nvd)
- access.redhat.com/errata/RHSA-2026:19458 (nvd)
- access.redhat.com/errata/RHSA-2026:20595 (nvd)
- access.redhat.com/errata/RHSA-2026:21254 (nvd)
- access.redhat.com/errata/RHSA-2026:21275 (nvd)
- access.redhat.com/errata/RHSA-2026:22634 (nvd)
- access.redhat.com/errata/RHSA-2026:22957 (nvd)
- access.redhat.com/errata/RHSA-2026:23233 (nvd)
- access.redhat.com/errata/RHSA-2026:23245 (nvd)
- access.redhat.com/errata/RHSA-2026:24346 (nvd)
- access.redhat.com/errata/RHSA-2026:25096 (nvd)