CVE-2026-43958
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A flaw was found in rrdcached, a component of rrdtool. A local attacker with access to a rrdcached socket can exploit a stack-based buffer overflow by sending an oversized CREATE request. This vulnerability can lead to a denial of service by crashing the daemon or potentially allow for arbitrary code execution, impacting the integrity and confidentiality of data.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Red Hat | Red Hat Enterprise Linux 10 | 0:1.8.0-21.el10_2 < * | unaffected |
| Red Hat | Red Hat Enterprise Linux 8 | 0:1.7.0-17.el8_10 < * | unaffected |
| Red Hat | Red Hat Enterprise Linux 9 | 0:1.7.2-22.el9_8 < * | unaffected |
Weaknesses
- CWE-121: Stack-based Buffer Overflow
Workarounds
Restrict access to the rrdcached UNIX socket using filesystem permissions and group ownership to prevent untrusted local users from connecting. Avoid exposing rrdcached on TCP listeners unless strictly necessary, and ensure any such listeners are protected by network access controls. Additionally, run the rrdcached daemon as an unprivileged user and group using the -U and -G options to minimize impact in case of compromise. If rrdcached is restarted or reloaded, these configurations will be reapplied.
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
- https://access.redhat.com/errata/RHSA-2026:33731
- https://access.redhat.com/errata/RHSA-2026:34155
- https://access.redhat.com/errata/RHSA-2026:34156
- https://access.redhat.com/security/cve/CVE-2026-43958
- https://bugzilla.redhat.com/show_bug.cgi?id=2460932
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.