CVE-2026-23241
Description
AI Translation Available
In the Linux kernel, the following vulnerability has been resolved:
audit: add missing syscalls to read class
The 'at' variant of getxattr() and listxattr() are missing from the
audit read class. Calling getxattrat() or listxattrat() on a file to
read its extended attributes will bypass audit rules such as:
-w /tmp/test -p rwa -k test_rwa
The current patch adds missing syscalls to the audit read class.
EPSS (Exploit Prediction Scoring System)
Trend Analysis
EPSS (Exploit Prediction Scoring System)
Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.
EPSS Score
0,0003
Percentile
0,1th
Updated
Single Data Point
Only one EPSS measurement is available for this CVE. Trend analysis requires multiple data points over time.
https://git.kernel.org/stable/c/33cdef7ecf6e5d2cf46a35ec26befce072a1aa07
https://git.kernel.org/stable/c/5632d14b2f2a0ade2d0068e12676ebed67e3bb2a
https://git.kernel.org/stable/c/a2e8c144299c31d3972295ed80d4cb908daf4f6f
https://git.kernel.org/stable/c/ad37505ce869a8100ff23f24eea117de7a7516bf
https://git.kernel.org/stable/c/ada4bba3afefee1fa68aa6bd1fd597ea4b11a16e
https://git.kernel.org/stable/c/bcb90a2834c7393c26df9609b889a3097b7700cd
https://git.kernel.org/stable/c/ed8efd623a5738e03de09dd74b505d0fb77b09f3
https://git.kernel.org/stable/c/f5d27ad99fcaa7d965b344dd0b00d9413585c3cb
https://www.bencteux.fr/posts/missing_syscalls_audit/