Red Hat: CVE-2025-12744: abrt: Command-injection in ABRT leading to local privilege escalation (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:L/AC:L/Au:S/C:C/I:C/A:C) | Dec 3, 2025 | Dec 5, 2025 | Dec 5, 2025 |
Description
A flaw was found in the ABRT daemon's handling of user-supplied mount information. ABRT copies up to 12 characters from an untrusted input and places them directly into a shell command (`docker inspect %s`) without proper validation. An unprivileged local user can craft a payload that injects shell metacharacters, causing the root-running ABRT process to execute attacker-controlled commands and ultimately gain full root privileges.
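
The input handling whose absence the description points to, as an added example that is not ABRT's code or Red Hat's patch: allowlist the 12-character field, then pass it as a single argv element so no shell parses it. The function names and the assumption that the field is a lowercase-hex short container ID are assumptions of this example.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define ID_MAX 12 /* the advisory's 12-character field */

/* Copy at most ID_MAX characters of untrusted input into out, accepting only
 * [0-9a-f]. Assumption: the field is a short container ID, which Docker
 * prints as lowercase hex. Returns 0 on success, -1 on rejection. */
int extract_container_id(const char *untrusted, char out[ID_MAX + 1])
{
    size_t n = 0;
    while (n < ID_MAX && untrusted[n] != '\0') {
        char c = untrusted[n];
        if (!((c >= '0' && c <= '9') || (c >= 'a' && c <= 'f')))
            return -1; /* shell metacharacters, spaces, quotes, leading '-' */
        out[n++] = c;
    }
    out[n] = '\0';
    return n > 0 ? 0 : -1;
}

/* Build an argv for execvp()-style APIs. The ID is a single argument that no
 * shell parses, unlike a command string formatted as "docker inspect %s". */
int build_inspect_argv(const char *untrusted, char id[ID_MAX + 1],
                       const char *argv[4])
{
    if (extract_container_id(untrusted, id) != 0)
        return -1;
    argv[0] = "docker";
    argv[1] = "inspect";
    argv[2] = id;
    argv[3] = NULL;
    return 0;
}

int main(void)
{
    /* Constructed sample inputs, not taken from the advisory. */
    const char *samples[] = { "3f2a9c0b1d4e", "ab12;x", "" };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        char id[ID_MAX + 1];
        const char *argv[4];
        int rc = build_inspect_argv(samples[i], id, argv);
        printf("%-14s -> %s\n", samples[i], rc == 0 ? "accepted" : "rejected");
    }
    return 0;
}
```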
Solutions
- redhat-upgrade-abrt
- redhat-upgrade-abrt-addon-ccpp
- redhat-upgrade-abrt-addon-ccpp-debuginfo
- redhat-upgrade-abrt-addon-coredump-helper
- redhat-upgrade-abrt-addon-coredump-helper-debuginfo
- redhat-upgrade-abrt-addon-kerneloops
- redhat-upgrade-abrt-addon-kerneloops-debuginfo
- redhat-upgrade-abrt-addon-pstoreoops
- redhat-upgrade-abrt-addon-pstoreoops-debuginfo
- redhat-upgrade-abrt-addon-upload-watch-debuginfo
- redhat-upgrade-abrt-addon-vmcore
- redhat-upgrade-abrt-addon-xorg
- redhat-upgrade-abrt-addon-xorg-debuginfo
- redhat-upgrade-abrt-atomic-debuginfo
- redhat-upgrade-abrt-cli
- redhat-upgrade-abrt-cli-ng
- redhat-upgrade-abrt-console-notification
- redhat-upgrade-abrt-dbus
- redhat-upgrade-abrt-dbus-debuginfo
- redhat-upgrade-abrt-debuginfo
- redhat-upgrade-abrt-debugsource
- redhat-upgrade-abrt-desktop
- redhat-upgrade-abrt-gui
- redhat-upgrade-abrt-gui-debuginfo
- redhat-upgrade-abrt-gui-libs
- redhat-upgrade-abrt-gui-libs-debuginfo
- redhat-upgrade-abrt-libs
- redhat-upgrade-abrt-libs-debuginfo
- redhat-upgrade-abrt-plugin-machine-id
- redhat-upgrade-abrt-plugin-sosreport
- redhat-upgrade-abrt-retrace-client-debuginfo
- redhat-upgrade-abrt-tui
- redhat-upgrade-abrt-tui-debuginfo
- redhat-upgrade-python3-abrt
- redhat-upgrade-python3-abrt-addon
- redhat-upgrade-python3-abrt-container-addon
- redhat-upgrade-python3-abrt-debuginfo
- redhat-upgrade-python3-abrt-doc