libcap-2.48-6.el8_10.1

エラータID: AXSA:2026-559:02

リリース日: 
2026/05/07 Thursday - 18:38
題名: 
libcap-2.48-6.el8_10.1
影響のあるチャネル: 
Asianux Server 8 for x86_64
Severity: 
High
Description: 

Libcap is a library for getting and setting POSIX.1e (formerly POSIX 6) draft 15 capabilities.

Security Fix(es):

* libcap: libcap: Privilege escalation via TOCTOU race condition in cap_set_file() (CVE-2026-4878)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2026-4878
A flaw was found in libcap. A local unprivileged user can exploit a Time-of-check-to-time-of-use (TOCTOU) race condition in the `cap_set_file()` function. This allows an attacker with write access to a parent directory to redirect file capability updates to an attacker-controlled file. By doing so, capabilities can be injected into or stripped from unintended executables, leading to privilege escalation.

解決策: 

Update packages.

CVE: 
CVE-2026-4878
A flaw was found in libcap. A local unprivileged user can exploit a Time-of-check-to-time-of-use (TOCTOU) race condition in the `cap_set_file()` function. This allows an attacker with write access to a parent directory to redirect file capability updates to an attacker-controlled file. By doing so, capabilities can be injected into or stripped from unintended executables, leading to privilege escalation.
追加情報: 

N/A

ダウンロード: 

SRPMS
  1. libcap-2.48-6.el8_10.1.src.rpm
    MD5: 565405d3fc65d5919ddde7f2735c8c37
    SHA-256: df188ce7d87924378c717cc986b2a87d2da397f02e428e24f38f2b0766b1a7d9
    Size: 205.11 kB

Asianux Server 8 for x86_64
  1. libcap-2.48-6.el8_10.1.i686.rpm
    MD5: 6d0deb01dfefc4b6a507d580ecd07f86
    SHA-256: 206e0a79fbd2beb792ebd4b2410efc38c611d8d0cf8fa0edc2aadca3baeb9ad6
    Size: 76.15 kB
  2. libcap-2.48-6.el8_10.1.x86_64.rpm
    MD5: f8a0e13f2f2838298383c67a50c999e8
    SHA-256: b4a552a29aca814da027ff2560f32cb271b4cbf6192c98b1be6afba096948e44
    Size: 73.70 kB
  3. libcap-devel-2.48-6.el8_10.1.i686.rpm
    MD5: e8fa4ea4bcdc6205f00de43967fab6e3
    SHA-256: a783cf8940d562b6b98e1dd0bc91a1dccf4601012b5768bad4f016c950d5974a
    Size: 41.39 kB
  4. libcap-devel-2.48-6.el8_10.1.x86_64.rpm
    MD5: 4b91357a42144eae6ee990f9f13ec081
    SHA-256: ad54a28ab02fcacf0993e9024a7474e04204cc7b294ff158ce5fe925abe48965
    Size: 41.38 kB