Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

Red Hat OpenShift distributed tracing 3.9.3

Source -

CNA

CNA CVEs -

1

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated VendorsRelated AssignersReports
1Vulnerabilities found
CVE-2026-4878
Assigner-Red Hat, Inc.
ShareView Details
Assigner-Red Hat, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 0.85%
||
7 Day CHG~0.00%
Published-09 Apr, 2026 | 14:49
Updated-06 May, 2026 | 16:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Libcap: libcap: privilege escalation via toctou race condition in cap_set_file()

A flaw was found in libcap. A local unprivileged user can exploit a Time-of-check-to-time-of-use (TOCTOU) race condition in the `cap_set_file()` function. This allows an attacker with write access to a parent directory to redirect file capability updates to an attacker-controlled file. By doing so, capabilities can be injected into or stripped from unintended executables, leading to privilege escalation.

Action-Not Available
Vendor-tcpdump & libpcapRed Hat, Inc.
Product-libcapopenshift_container_platformenterprise_linuxRed Hat Enterprise Linux 10Red Hat OpenShift Container Platform 4Red Hat Enterprise Linux 6Red Hat Enterprise Linux 8Red Hat OpenShift distributed tracing 3.9.3Red Hat Hardened ImagesRed Hat Enterprise Linux 7Red Hat Enterprise Linux 9
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition