CVE-2025-12744
published 2025-12-03
Priority: P3 · 59 · high · 8.8 (CVSS 3.1)
Vector: AV:L / AC:L / PR:L / UI:N / S:C / C:H / I:H / A:H
EXPLOIT
EPSS: 0.56% (42.5th percentile)
A flaw was found in the ABRT daemon’s handling of user-supplied mount information. ABRT copies up to 12 characters from an untrusted input and places them directly into a shell command (docker inspect %s) without proper validation. An unprivileged local user can craft a payload that injects shell metacharacters, causing the root-running ABRT process to execute attacker-controlled commands and ultimately gain full root privileges.
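The two mitigations this description implies, as an added example (not ABRT's code and not the upstream fix): validate the value against a strict allowlist, and pass it as a single argv element to exec so that no shell ever parses it. The function names and DOCKER_PATH are hypothetical, and the 12-lowercase-hex-digit short-ID format is an assumption.

```c
#include <ctype.h>
#include <stddef.h>
#include <string.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

#define CONTAINER_ID_LEN 12              /* the advisory: up to 12 characters are copied */
#define DOCKER_PATH "/usr/bin/docker"    /* assumed absolute path; avoids a PATH lookup as root */

/* Return 1 only if id is exactly 12 lowercase hex digits (assumed short-ID form). */
int container_id_is_valid(const char *id)
{
    if (id == NULL || strlen(id) != CONTAINER_ID_LEN)
        return 0;
    for (size_t i = 0; i < CONTAINER_ID_LEN; i++) {
        unsigned char c = (unsigned char)id[i];
        if (!(isdigit(c) || (c >= 'a' && c <= 'f')))
            return 0;                    /* rejects every shell metacharacter and whitespace */
    }
    return 1;
}

/* Build argv for "docker inspect <id>". Returns 0 on success, -1 if the ID is rejected. */
int build_inspect_argv(const char *id, const char *argv[4])
{
    if (!container_id_is_valid(id))
        return -1;
    argv[0] = DOCKER_PATH;
    argv[1] = "inspect";
    argv[2] = id;                        /* one argument, never re-parsed by a shell */
    argv[3] = NULL;
    return 0;
}

/* Run the command via fork/execv instead of system()/popen(). Returns exit status or -1. */
int run_inspect(const char *id)
{
    const char *argv[4];
    int status;
    if (build_inspect_argv(id, argv) != 0)
        return -1;
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        execv(argv[0], (char *const *)argv);
        _exit(127);                      /* exec failed */
    }
    if (waitpid(pid, &status, 0) < 0)
        return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}
```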
CVSS provenance
nvd · v3.1 · 8.8 · HIGH · CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
vendor_redhat · 8.8 · HIGH
Red Hat
abrt: Command-injection in ABRT leading to local privilege escalation
vendor_redhat·2025-12-03·CVSS 8.8
CVE-2025-12744 [HIGH] CWE-78 abrt: Command-injection in ABRT leading to local privilege escalation
GHSA
GHSA-vwhf-x6j3-3qfg: A flaw was found in the ABRT daemon’s handling of user-supplied mount information
ghsa_unreviewed·2025-12-03
CVE-2025-12744 [HIGH] CWE-78 GHSA-vwhf-x6j3-3qfg: A flaw was found in the ABRT daemon’s handling of user-supplied mount information
No detection rules found.
No writeups or analysis indexed.
Published: 2025-12-03