CVE Catalog

CVE-2026-54371

HighCVSS 7.1
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.14%

4th percentile — higher than 4% of all known CVEs

Summary

A vulnerability in the getfattr and setfattr utilities before version 2.6.0 allows local attackers to escalate privileges by replacing a pathname component with a symbolic link during directory hierarchy traversal. Attackers who control a pathname component can redirect getfattr and setfattr operations to arbitrary files, leading to local privilege escalation when these tools are invoked by a privileged process over an attacker-controlled path.

Risk Assessment

The organization faces the risk of local privilege escalation, allowing an attacker to access sensitive files or modify extended attributes, potentially compromising data integrity and confidentiality.

Recommendation

Immediately update the attr package to version 2.6.0 or later, which includes a fix that eliminates the symlink traversal vulnerability.

Original NVD description (English source)

attr before version 2.6.0 contains a symlink traversal vulnerability in the getfattr and setfattr utilities that allows local attackers to escalate privileges by replacing a pathname component with a symbolic link during directory hierarchy traversal. Attackers who control a pathname component can redirect getfattr and setfattr operations to arbitrary files by substituting a symlink, leading to local privilege escalation when getfattr or setfattr is invoked by a privileged process over an attacker-controlled path.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS