CVE-2026-4878

A flaw was found in libcap. A local unprivileged user can exploit a time-of-check-to-time-of-use (TOCTOU) race condition in the `cap_set_file()` function. This allows an attacker with write access to a parent directory to redirect file capability updates to an attacker-controlled file. By doing so, capabilities can be injected into or stripped from unintended executables, leading to privilege escalation.
References
Link Resource
https://access.redhat.com/errata/RHSA-2026:12423
https://access.redhat.com/errata/RHSA-2026:12441
https://access.redhat.com/errata/RHSA-2026:13285
https://access.redhat.com/errata/RHSA-2026:14162
https://access.redhat.com/errata/RHSA-2026:14937
https://access.redhat.com/errata/RHSA-2026:19130
https://access.redhat.com/errata/RHSA-2026:19346
https://access.redhat.com/errata/RHSA-2026:19456
https://access.redhat.com/errata/RHSA-2026:19458
https://access.redhat.com/errata/RHSA-2026:20595
https://access.redhat.com/errata/RHSA-2026:21254
https://access.redhat.com/errata/RHSA-2026:21275
https://access.redhat.com/errata/RHSA-2026:22634
https://access.redhat.com/errata/RHSA-2026:22957
https://access.redhat.com/errata/RHSA-2026:23233
https://access.redhat.com/errata/RHSA-2026:23245
https://access.redhat.com/errata/RHSA-2026:24346
https://access.redhat.com/errata/RHSA-2026:25096
https://access.redhat.com/errata/RHSA-2026:7473 Vendor Advisory
https://access.redhat.com/security/cve/CVE-2026-4878 Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2447554 Permissions Required
https://bugzilla.redhat.com/show_bug.cgi?id=2451615 Issue Tracking Vendor Advisory
http://www.openwall.com/lists/oss-security/2026/04/07/14 Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2026/04/07/4 Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2026/04/08/9 Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2026/04/09/5 Exploit Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2026/04/09/6 Exploit Mailing List Third Party Advisory
Configurations

Configuration 1

OR cpe:2.3:a:libcap_project:libcap:-:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:*

History

11 Jun 2026, 10:16

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2026:23233 -

10 Jun 2026, 18:17

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2026:25096 -

10 Jun 2026, 16:17

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2026:23245 -

08 Jun 2026, 03:16

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2026:24346 -

04 Jun 2026, 00:17

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2026:22957 -

02 Jun 2026, 20:16

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2026:22634 -

27 May 2026, 09:16

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2026:21254 -

27 May 2026, 08:16

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2026:21275 -

26 May 2026, 09:16

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2026:20595 -

20 May 2026, 05:16

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2026:19458 -

20 May 2026, 04:16

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2026:19456 -

19 May 2026, 23:16

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2026:19346 -

19 May 2026, 17:16

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2026:19130 -

07 May 2026, 22:16

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2026:14937 -

06 May 2026, 16:16

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2026:14162 -

04 May 2026, 02:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2026:13285 -

30 Apr 2026, 20:16

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2026:12441 -

30 Apr 2026, 18:16

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2026:12423 -

28 Apr 2026, 00:41

Type Values Removed Values Added
References () https://access.redhat.com/errata/RHSA-2026:7473 - () https://access.redhat.com/errata/RHSA-2026:7473 - Vendor Advisory
References () https://access.redhat.com/security/cve/CVE-2026-4878 - () https://access.redhat.com/security/cve/CVE-2026-4878 - Vendor Advisory
References () https://bugzilla.redhat.com/show_bug.cgi?id=2447554 - () https://bugzilla.redhat.com/show_bug.cgi?id=2447554 - Permissions Required
References () https://bugzilla.redhat.com/show_bug.cgi?id=2451615 - () https://bugzilla.redhat.com/show_bug.cgi?id=2451615 - Issue Tracking, Vendor Advisory
References () http://www.openwall.com/lists/oss-security/2026/04/07/14 - () http://www.openwall.com/lists/oss-security/2026/04/07/14 - Mailing List, Third Party Advisory
References () http://www.openwall.com/lists/oss-security/2026/04/07/4 - () http://www.openwall.com/lists/oss-security/2026/04/07/4 - Mailing List, Third Party Advisory
References () http://www.openwall.com/lists/oss-security/2026/04/08/9 - () http://www.openwall.com/lists/oss-security/2026/04/08/9 - Mailing List, Third Party Advisory
References () http://www.openwall.com/lists/oss-security/2026/04/09/5 - () http://www.openwall.com/lists/oss-security/2026/04/09/5 - Exploit, Mailing List, Third Party Advisory
References () http://www.openwall.com/lists/oss-security/2026/04/09/6 - () http://www.openwall.com/lists/oss-security/2026/04/09/6 - Exploit, Mailing List, Third Party Advisory
First Time Redhat
Redhat enterprise Linux
Libcap Project libcap
Redhat openshift Container Platform
Libcap Project
CPE cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:a:libcap_project:libcap:-:*:*:*:*:*:*:*

25 Apr 2026, 02:16

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2026:7473 -

09 Apr 2026, 16:16

Type Values Removed Values Added
New CVE

Information

Published : 2026-04-09 16:16

Updated : 2026-06-11 10:16


NVD link : CVE-2026-4878

Mitre link : CVE-2026-4878

CVE.ORG link : CVE-2026-4878



Products Affected

libcap_project

  • libcap

redhat

  • openshift_container_platform
  • enterprise_linux
CWE
CWE-367

Time-of-check Time-of-use (TOCTOU) Race Condition