CVE-2026-58302
Publication date 30 June 2026
Last updated 30 June 2026
Ubuntu priority
CVSS 3 Severity Score
Description
rtapi_app in linuxcnc-uspace in LinuxCNC before 2.9.9 allows privilege escalation. It is installed SUID root and loads shared library modules via dlopen() by using a user-supplied module name. Insufficient validation of the module name allows path traversal, enabling an unprivileged local user to load an arbitrary shared library. Because the process retains elevated privileges during module loading, this results in local privilege escalation to root.
Status
| Package | Ubuntu Release | Status |
|---|---|---|
| linuxcnc | 26.04 LTS resolute | Needs evaluation |
| | 25.10 questing | Needs evaluation |
| | 24.04 LTS noble | Not in release |
| | 22.04 LTS jammy | Not in release |
Severity score breakdown
CVSS version: CVSS v3.0
Base score: 8.4 · High
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References
Other references
- https://www.cve.org/CVERecord?id=CVE-2026-58302
- https://github.com/LinuxCNC/linuxcnc/commit/00d534c87464a3ed446656998aa02b8abc74b391 (v2.9.9)
- https://bugs.debian.org/1140943
- https://github.com/LinuxCNC/linuxcnc/commit/ea7cd579d39b586952a42e3da9a26d3e36e7a272
- https://github.com/LinuxCNC/linuxcnc/compare/v2.9.8...v2.9.9