CVE-2026-58302
HighCVSS 8.4Exploitation Probability (EPSS)
Low risk5th percentile — higher than 5% of all known CVEs
Summary
A vulnerability in the rtapi_app component of the linuxcnc-uspace package in LinuxCNC before version 2.9.9 allows privilege escalation. The program is installed SUID root and loads shared library modules via dlopen() using a user-supplied module name. Insufficient validation of the module name allows path traversal, enabling an unprivileged local user to load an arbitrary shared library, and because the process retains elevated privileges during module loading, this results in local privilege escalation to root.
Risk Assessment
The organization is at risk of a local unprivileged user gaining full root control over the system, potentially leading to unauthorized data access, malware installation, or permanent system integrity compromise.
Recommendation
Immediately update LinuxCNC to version 2.9.9 or later, which includes a fix for this vulnerability. If an update is not possible, temporarily remove the SUID bit from the rtapi_app binary or restrict access to trusted users only.
Original NVD description (English source)
rtapi_app in linuxcnc-uspace in LinuxCNC before 2.9.9 allows privilege escalation. It is installed SUID root and loads shared library modules via dlopen() by using a user-supplied module name. Insufficient validation of the module name allows path traversal, enabling an unprivileged local user to load an arbitrary shared library. Because the process retains elevated privileges during module loading, this results in local privilege escalation to root.

