ABRT Daemon Vulnerability

The ABRT daemon is a process used to monitor and manage system crashes on Linux systems. It's designed to automatically restart processes that fail to start or crash. However, due to a flaw in its handling of user-supplied mount information, an attacker can craft a payload that injects shell metacharacters, allowing them to execute arbitrary commands with elevated privileges.

You're affected if you use A flaw was found. Affected versions: 12 If you don't recognise this software, you're probably not affected.

Upgrade to ABRT 2.1.22 or later.
- For immediate mitigation, run sudo sed -i 's/12//g' /etc/abrt/abrt.conf to remove the hardcoded length of user-supplied mount information.
- Contact Red Hat directly for a patched version.

• access.redhat.com
• bugzilla.redhat.com