CVE-2026-23241 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved: audit: add missing syscalls to read class The "at" variant of getxattr() and listxattr() are missing from the audit read class. Calling getxattrat() or listxattrat() on a file to read its extended attributes will bypass audit rules such as: -w /tmp/test -p rwa -k test_rwa The current patch adds missing syscalls to the audit read class.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel

No data.

References

Link	Providers
https://git.kernel.org/stable/c/33cdef7ecf6e5d2cf46a35ec26befce072a1aa07
https://git.kernel.org/stable/c/5632d14b2f2a0ade2d0068e12676ebed67e3bb2a
https://git.kernel.org/stable/c/a2e8c144299c31d3972295ed80d4cb908daf4f6f
https://git.kernel.org/stable/c/ad37505ce869a8100ff23f24eea117de7a7516bf
https://git.kernel.org/stable/c/ada4bba3afefee1fa68aa6bd1fd597ea4b11a16e
https://git.kernel.org/stable/c/bcb90a2834c7393c26df9609b889a3097b7700cd
https://git.kernel.org/stable/c/ed8efd623a5738e03de09dd74b505d0fb77b09f3
https://git.kernel.org/stable/c/f5d27ad99fcaa7d965b344dd0b00d9413585c3cb
https://www.bencteux.fr/posts/missing_syscalls_audit/

History

Tue, 17 Mar 2026 09:45:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: audit: add missing syscalls to read class The "at" variant of getxattr() and listxattr() are missing from the audit read class. Calling getxattrat() or listxattrat() on a file to read its extended attributes will bypass audit rules such as: -w /tmp/test -p rwa -k test_rwa The current patch adds missing syscalls to the audit read class.
Title		audit: add missing syscalls to read class
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/33cdef7ecf6e5d2cf46a35ec26befce072a1aa07 https://git.kernel.org/stable/c/5632d14b2f2a0ade2d0068e12676ebed67e3bb2a https://git.kernel.org/stable/c/a2e8c144299c31d3972295ed80d4cb908daf4f6f https://git.kernel.org/stable/c/ad37505ce869a8100ff23f24eea117de7a7516bf https://git.kernel.org/stable/c/ada4bba3afefee1fa68aa6bd1fd597ea4b11a16e https://git.kernel.org/stable/c/bcb90a2834c7393c26df9609b889a3097b7700cd https://git.kernel.org/stable/c/ed8efd623a5738e03de09dd74b505d0fb77b09f3 https://git.kernel.org/stable/c/f5d27ad99fcaa7d965b344dd0b00d9413585c3cb https://www.bencteux.fr/posts/missing_syscalls_audit/

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2026-03-17T09:11:04.913Z

Updated: 2026-03-17T09:11:04.913Z

Reserved: 2026-01-13T15:37:45.989Z

Link: CVE-2026-23241

Vulnrichment

No data.

NVD

Status : Received

Published: 2026-03-17T10:16:00.127

Modified: 2026-03-17T10:16:00.127

Link: CVE-2026-23241

Redhat

No data.

OpenCVE Enrichment

No data.

Metrics

Affected Vendors & Products

Metrics

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object

JSON object