Untriaged
Permalink
CVE-2026-46388
4.4 MEDIUM
- CVSS version (CVSS): 3.1
- Attack Vector (AV): Local (L)
- Attack Complexity (AC): High (H)
- Privileges Required (PR): Low (L)
- User Interaction (UI): Required (R)
- Scope (S): Unchanged (U)
- Confidentiality (C): High (H)
- Integrity (I): None (N)
- Availability (A): None (N)
- Modified Attack Vector (MAV): Local (L)
- Modified Attack Complexity (MAC): High (H)
- Modified Privileges Required (MPR): Low (L)
- Modified User Interaction (MUI): Required (R)
- Modified Confidentiality (MC): High (H)
- Modified Scope (MS): Unchanged (U)
- Modified Integrity (MI): None (N)
- Modified Availability (MA): None (N)
Activity log
- Created suggestion
osquery: Unprivileged users can temporarily read file carve contents
osquery is a SQL powered operating system instrumentation, monitoring, and analytics framework. Prior to 5.23.1, an unprivileged attacker can read the contents of an osquery file carve until the carve completes and the temporary files are deleted because in-progress carve directories are not created with private permissions. If the carve targets a directory that the attacker controls, arbitrary file reads are possible, such as sensitive local files. This issue is fixed in version 5.23.1.
References
-
https://github.com/osquery/osquery/security/advisories/GHSA-fg78-9q98-62hh x_refsource_CONFIRM
-
https://github.com/osquery/osquery/pull/8961 x_refsource_MISC
-
https://github.com/osquery/osquery/releases/tag/5.23.1 x_refsource_MISC
Affected products
osquery
- ==< 5.23.1
Package maintainers
-
@znewman01 Zack Newman <znewman01@gmail.com>
-
@LeSuisse Thomas Gerbet <thomas@gerbet.me>
-
@nlewo Antoine Eiche <lewo@abesis.fr>