CVE-2026-43958

Summary

A flaw was found in rrdcached, a component of rrdtool. A local attacker with access to a rrdcached socket can exploit a stack-based buffer overflow by sending an oversized CREATE request. This vulnerability can lead to a denial of service by crashing the daemon or potentially allow for arbitrary code execution, impacting the integrity and confidentiality of data.

Affected Software

VendorProductVersion RangeStatus
Red HatRed Hat Enterprise Linux 100:1.8.0-21.el10_2 < *unaffected
Red HatRed Hat Enterprise Linux 80:1.7.0-17.el8_10 < *unaffected
Red HatRed Hat Enterprise Linux 90:1.7.2-22.el9_8 < *unaffected

Weaknesses

  • CWE-121: Stack-based Buffer Overflow

Workarounds

Restrict access to the rrdcached UNIX socket using filesystem permissions and group ownership to prevent untrusted local users from connecting. Avoid exposing rrdcached on TCP listeners unless strictly necessary, and ensure any such listeners are protected by network access controls. Additionally, run the rrdcached daemon as an unprivileged user and group using the -U and -G options to minimize impact in case of compromise. If rrdcached is restarted or reloaded, these configurations will be reapplied.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References