Red Hat ABRT D-Bus SetElement TOCTOU
CVE-2026-54228 Published on June 13, 2026
Abrt: toctou race condition in abrt-dbus setelement allows arbitrary file writes to dump directories
A time-of-check time-of-use (TOCTOU) race condition was found in the abrt-dbus D-Bus service's SetElement method. Between dump directory creation and post-create event execution, any local user can call SetElement to write arbitrary text files into the root-owned dump directory, bypassing package validation and allowing crashes of unpackaged binaries to survive post-create processing.
Vulnerability Analysis
CVE-2026-54228 is exploitable with local system access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to be very high.
Timeline
Reported to Red Hat.
Made public.
Weakness Type
What is a TOCTTOU Vulnerability?
The software checks the state of a resource before using that resource, but the resource's state can change between the check and the use in a way that invalidates the results of the check. This can cause the software to perform invalid actions when the resource is in an unexpected state. This weakness can be security-relevant when an attacker can influence the state of the resource between check and use. This can happen with shared resources such as files, memory, or even variables in multithreaded programs.
CVE-2026-54228 has been classified to as a TOCTTOU vulnerability or weakness.
Products Associated with CVE-2026-54228
Want to know whenever a new CVE is published for Red Hat Enterprise Linux (RHEL)? stack.watch will email you.
