CVE-2025-12744

by Fred · 03/12/2025

A flaw was found in the ABRT daemon’s handling of user-supplied mount information.ABRT copies up to 12 characters from an untrusted input and places them directly into a shell command (docker inspect %s) without proper validation. An unprivileged local user can craft a payload that injects shell metacharacters, causing the root-running ABRT process to execute attacker-controlled commands and ultimately gain full root privileges.

More information : https://access.redhat.com/security/cve/CVE-2025-12744

CVE-2025-12744

Similar

Recent Posts

Categories

CVE-2025-12744

Share this:

Similar

Recent Posts

Categories

Tags