Medium severity6.7NVD Advisory· Published Apr 9, 2026· Updated May 7, 2026
CVE-2026-4878
CVE-2026-4878
Description
A flaw was found in libcap. A local unprivileged user can exploit a Time-of-check-to-time-of-use (TOCTOU) race condition in the cap_set_file() function. This allows an attacker with write access to a parent directory to redirect file capability updates to an attacker-controlled file. By doing so, capabilities can be injected into or stripped from unintended executables, leading to privilege escalation.
Affected products
5- cpe:2.3:a:libcap_project:libcap:-:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
14- www.openwall.com/lists/oss-security/2026/04/09/5nvdExploitMailing ListThird Party Advisory
- www.openwall.com/lists/oss-security/2026/04/09/6nvdExploitMailing ListThird Party Advisory
- www.openwall.com/lists/oss-security/2026/04/07/14nvdMailing ListThird Party Advisory
- www.openwall.com/lists/oss-security/2026/04/07/4nvdMailing ListThird Party Advisory
- www.openwall.com/lists/oss-security/2026/04/08/9nvdMailing ListThird Party Advisory
- access.redhat.com/errata/RHSA-2026:7473nvdVendor Advisory
- access.redhat.com/security/cve/CVE-2026-4878nvdVendor Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingVendor Advisory
- bugzilla.redhat.com/show_bug.cginvdPermissions Required
- access.redhat.com/errata/RHSA-2026:12423nvd
- access.redhat.com/errata/RHSA-2026:12441nvd
- access.redhat.com/errata/RHSA-2026:13285nvd
- access.redhat.com/errata/RHSA-2026:14162nvd
- access.redhat.com/errata/RHSA-2026:14937nvd
News mentions
0No linked articles in our index yet.