Fedora Account System
Red Hat Associate
Red Hat Customer
On Linux, if the target of Root.Chmod is replaced with a symlink while the chmod operation is in progress, Chmod can operate on the target of the symlink, even when the target lies outside the root. The Linux fchmodat syscall silently ignores the AT_SYMLINK_NOFOLLOW flag, which Root.Chmod uses to avoid symlink traversal. Root.Chmod checks its target before acting and returns an error if the target is a symlink lying outside the root, so the impact is limited to cases where the target is replaced with a symlink between the check and operation.
This issue has been addressed in the following products: Red Hat Enterprise Linux 10 Via RHSA-2026:10217 https://access.redhat.com/errata/RHSA-2026:10217
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2026:10219 https://access.redhat.com/errata/RHSA-2026:10219
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2026:10704 https://access.redhat.com/errata/RHSA-2026:10704
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2026:11507 https://access.redhat.com/errata/RHSA-2026:11507
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2026:11514 https://access.redhat.com/errata/RHSA-2026:11514
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2026:11704 https://access.redhat.com/errata/RHSA-2026:11704
This issue has been addressed in the following products: Red Hat Enterprise Linux 10 Via RHSA-2026:11712 https://access.redhat.com/errata/RHSA-2026:11712
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2026:11711 https://access.redhat.com/errata/RHSA-2026:11711
This issue has been addressed in the following products: Red Hat Enterprise Linux 10 Via RHSA-2026:11863 https://access.redhat.com/errata/RHSA-2026:11863
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2026:14200 https://access.redhat.com/errata/RHSA-2026:14200
This issue has been addressed in the following products: Cryostat 4 on RHEL 9 Via RHSA-2026:14391 https://access.redhat.com/errata/RHSA-2026:14391
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2026:15980 https://access.redhat.com/errata/RHSA-2026:15980
This issue has been addressed in the following products: Red Hat Enterprise Linux 10.0 Extended Update Support Via RHSA-2026:16024 https://access.redhat.com/errata/RHSA-2026:16024
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.6 Extended Update Support Via RHSA-2026:16021 https://access.redhat.com/errata/RHSA-2026:16021
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2026:16875 https://access.redhat.com/errata/RHSA-2026:16875
This issue has been addressed in the following products: Red Hat Enterprise Linux 10 Via RHSA-2026:17075 https://access.redhat.com/errata/RHSA-2026:17075
This issue has been addressed in the following products: Red Hat Enterprise Linux 10.0 Extended Update Support Via RHSA-2026:17084 https://access.redhat.com/errata/RHSA-2026:17084
This issue has been addressed in the following products: Red Hat Enterprise Linux 10.0 Extended Update Support Via RHSA-2026:18027 https://access.redhat.com/errata/RHSA-2026:18027
This issue has been addressed in the following products: Red Hat Enterprise Linux 10.0 Extended Update Support Via RHSA-2026:18032 https://access.redhat.com/errata/RHSA-2026:18032
This issue has been addressed in the following products: Red Hat Enterprise Linux 10 Via RHSA-2026:19132 https://access.redhat.com/errata/RHSA-2026:19132
This issue has been addressed in the following products: Red Hat Enterprise Linux 10 Via RHSA-2026:19133 https://access.redhat.com/errata/RHSA-2026:19133
This issue has been addressed in the following products: Red Hat Enterprise Linux 10 Via RHSA-2026:19134 https://access.redhat.com/errata/RHSA-2026:19134
This issue has been addressed in the following products: Red Hat Enterprise Linux 10 Via RHSA-2026:19136 https://access.redhat.com/errata/RHSA-2026:19136
This issue has been addressed in the following products: Red Hat Enterprise Linux 10 Via RHSA-2026:19135 https://access.redhat.com/errata/RHSA-2026:19135
This issue has been addressed in the following products: Red Hat Enterprise Linux 10 Via RHSA-2026:19144 https://access.redhat.com/errata/RHSA-2026:19144
This issue has been addressed in the following products: Red Hat Enterprise Linux 10 Via RHSA-2026:19156 https://access.redhat.com/errata/RHSA-2026:19156
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2026:19350 https://access.redhat.com/errata/RHSA-2026:19350
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2026:19351 https://access.redhat.com/errata/RHSA-2026:19351
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2026:19352 https://access.redhat.com/errata/RHSA-2026:19352
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2026:19353 https://access.redhat.com/errata/RHSA-2026:19353
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2026:19369 https://access.redhat.com/errata/RHSA-2026:19369
This issue has been addressed in the following products: Red Hat Enterprise Linux 10.0 Extended Update Support Via RHSA-2026:19550 https://access.redhat.com/errata/RHSA-2026:19550
This issue has been addressed in the following products: Red Hat Enterprise Linux 10.0 Extended Update Support Via RHSA-2026:19714 https://access.redhat.com/errata/RHSA-2026:19714
This issue has been addressed in the following products: Red Hat Enterprise Linux 10.0 Extended Update Support Via RHSA-2026:19715 https://access.redhat.com/errata/RHSA-2026:19715
This issue has been addressed in the following products: Red Hat Enterprise Linux 10.0 Extended Update Support Via RHSA-2026:19719 https://access.redhat.com/errata/RHSA-2026:19719
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.4 Extended Update Support Via RHSA-2026:19721 https://access.redhat.com/errata/RHSA-2026:19721
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.6 Extended Update Support Via RHSA-2026:19720 https://access.redhat.com/errata/RHSA-2026:19720
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.6 Extended Update Support Via RHSA-2026:19722 https://access.redhat.com/errata/RHSA-2026:19722
This issue has been addressed in the following products: Red Hat Enterprise Linux 10.0 Extended Update Support Via RHSA-2026:19750 https://access.redhat.com/errata/RHSA-2026:19750
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.6 Extended Update Support Via RHSA-2026:19839 https://access.redhat.com/errata/RHSA-2026:19839
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.6 Extended Update Support Via RHSA-2026:20556 https://access.redhat.com/errata/RHSA-2026:20556
This issue has been addressed in the following products: Red Hat Enterprise Linux 10 Via RHSA-2026:22141 https://access.redhat.com/errata/RHSA-2026:22141
This issue has been addressed in the following products: Red Hat Enterprise Linux 10 Via RHSA-2026:22450 https://access.redhat.com/errata/RHSA-2026:22450
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.6 Extended Update Support Via RHSA-2026:22709 https://access.redhat.com/errata/RHSA-2026:22709
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2026:22714 https://access.redhat.com/errata/RHSA-2026:22714
This issue has been addressed in the following products: Red Hat Enterprise Linux 10 Via RHSA-2026:22937 https://access.redhat.com/errata/RHSA-2026:22937
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2026:23228 https://access.redhat.com/errata/RHSA-2026:23228
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.6 Extended Update Support Via RHSA-2026:24337 https://access.redhat.com/errata/RHSA-2026:24337
This issue has been addressed in the following products: Red Hat Enterprise Linux 10 Via RHSA-2026:24716 https://access.redhat.com/errata/RHSA-2026:24716
This issue has been addressed in the following products: Red Hat Ansible Automation Platform 2.6 for RHEL 9 Red Hat Ansible Automation Platform 2.6 for RHEL 10 Via RHSA-2026:24762 https://access.redhat.com/errata/RHSA-2026:24762
This issue has been addressed in the following products: Red Hat Ansible Automation Platform 2.5 for RHEL 9 Red Hat Ansible Automation Platform 2.5 for RHEL 8 Via RHSA-2026:24761 https://access.redhat.com/errata/RHSA-2026:24761
This issue has been addressed in the following products: Red Hat Enterprise Linux 10 Via RHSA-2026:25999 https://access.redhat.com/errata/RHSA-2026:25999
This issue has been addressed in the following products: Red Hat Satellite 6.16 for RHEL 8 Red Hat Satellite 6.16 for RHEL 9 Via RHSA-2026:27076 https://access.redhat.com/errata/RHSA-2026:27076
This issue has been addressed in the following products: Red Hat Enterprise Linux 10.0 Extended Update Support Via RHSA-2026:27732 https://access.redhat.com/errata/RHSA-2026:27732
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.6 Extended Update Support Via RHSA-2026:28038 https://access.redhat.com/errata/RHSA-2026:28038
This issue has been addressed in the following products: Red Hat OpenStack Platform 17.1 for RHEL 9 Via RHSA-2026:28046 https://access.redhat.com/errata/RHSA-2026:28046
This issue has been addressed in the following products: Red Hat OpenStack Platform 17.1 for RHEL 9 Via RHSA-2026:28047 https://access.redhat.com/errata/RHSA-2026:28047
This issue has been addressed in the following products: Red Hat Satellite 6.18 for RHEL 9 Via RHSA-2026:28385 https://access.redhat.com/errata/RHSA-2026:28385
This issue has been addressed in the following products: Red Hat Satellite 6.17 for RHEL 9 Via RHSA-2026:34366 https://access.redhat.com/errata/RHSA-2026:34366
This issue has been addressed in the following products: Red Hat Satellite 6.18 for RHEL 9 Via RHSA-2026:34368 https://access.redhat.com/errata/RHSA-2026:34368
This issue has been addressed in the following products: RHEM 1.0 for RHEL 9 Via RHSA-2026:36796 https://access.redhat.com/errata/RHSA-2026:36796