CVE Catalog

CVE-2026-4878

MediumCVSS 6.7
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.19%

9th percentile - higher than 9% of all known CVEs

Summary

A flaw was found in the libcap library due to a Time-of-check-to-time-of-use (TOCTOU) race condition in the `cap_set_file()` function. A local unprivileged user with write access to a parent directory can redirect file capability updates to an attacker-controlled file. This allows capabilities to be injected into or stripped from unintended executables, leading to privilege escalation.

Risk Assessment

The organization faces a risk of privilege escalation by a local user, potentially gaining unauthorized access to sensitive system resources. The attack could allow control over critical executables.

Recommendation

Update the libcap library to the latest patched version immediately. Additionally, restrict write permissions to parent directories for unprivileged users.

Original NVD description (English source)

A flaw was found in libcap. A local unprivileged user can exploit a Time-of-check-to-time-of-use (TOCTOU) race condition in the `cap_set_file()` function. This allows an attacker with write access to a parent directory to redirect file capability updates to an attacker-controlled file. By doing so, capabilities can be injected into or stripped from unintended executables, leading to privilege escalation.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS