CVE-2026-23241

medium

Description

In the Linux kernel, the following vulnerability has been resolved: audit: add missing syscalls to read class The "at" variant of getxattr() and listxattr() are missing from the audit read class. Calling getxattrat() or listxattrat() on a file to read its extended attributes will bypass audit rules such as: -w /tmp/test -p rwa -k test_rwa The current patch adds missing syscalls to the audit read class.

References

https://www.bencteux.fr/posts/missing_syscalls_audit/

https://git.kernel.org/stable/c/f5d27ad99fcaa7d965b344dd0b00d9413585c3cb

https://git.kernel.org/stable/c/ed8efd623a5738e03de09dd74b505d0fb77b09f3

https://git.kernel.org/stable/c/bcb90a2834c7393c26df9609b889a3097b7700cd

https://git.kernel.org/stable/c/ada4bba3afefee1fa68aa6bd1fd597ea4b11a16e

https://git.kernel.org/stable/c/ad37505ce869a8100ff23f24eea117de7a7516bf

https://git.kernel.org/stable/c/a2e8c144299c31d3972295ed80d4cb908daf4f6f

https://git.kernel.org/stable/c/5632d14b2f2a0ade2d0068e12676ebed67e3bb2a

https://git.kernel.org/stable/c/33cdef7ecf6e5d2cf46a35ec26befce072a1aa07

Details

Source: Mitre, NVD

Published: 2026-03-17

Updated: 2026-03-17

Risk Information

CVSS v2

Base Score: 4

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Severity: Medium

EPSS

EPSS: 0.00033