CVE Catalog

CVE-2026-54231

MediumCVSS 5.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.12%

2th percentile — higher than 2% of all known CVEs

Summary

A content injection vulnerability was found in the ABRT post-create event handler scripts in libreport. The event script queries the systemd journal for log entries matching the crashed process and writes the results to files in the dump directory without sanitizing embedded control characters. A local user can inject arbitrary content into the journal output by embedding newline characters in syslog messages, controlling the content that root writes to dump directory files.

Risk Assessment

The risk is that a local unprivileged user can manipulate the content of files written by root, potentially leading to privilege escalation, hiding attack traces, or misleading analysis tools.

Recommendation

Immediately update the libreport library to a version that sanitizes or removes control characters before writing to dump files. Until the update is applied, consider restricting local user access to the system or disabling the post-create event handler scripts.

Original NVD description (English source)

A content injection vulnerability was found in the ABRT post-create event handler scripts in libreport. The event script queries the systemd journal for log entries matching the crashed process and writes the results to files in the dump directory without sanitizing embedded control characters. A local user can inject arbitrary content into the journal output by embedding newline characters in syslog messages, controlling the content that root writes to dump directory files.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS