← Back to CVEs
CVE-2026-23241
N/ADescription
In the Linux kernel, the following vulnerability has been resolved: audit: add missing syscalls to read class The "at" variant of getxattr() and listxattr() are missing from the audit read class. Calling getxattrat() or listxattrat() on a file to read its extended attributes will bypass audit rules such as: -w /tmp/test -p rwa -k test_rwa The current patch adds missing syscalls to the audit read class.
CVE Details
CVSS v3.1 ScoreN/A
Published3/17/2026
Last Modified3/18/2026
Sourcenvd
Honeypot Sightings0
References
https://git.kernel.org/stable/c/a2e8c144299c31d3972295ed80d4cb908daf4f6f(416baaa9-dc9f-4396-8d5f-8c081fb06d67)
https://git.kernel.org/stable/c/ad37505ce869a8100ff23f24eea117de7a7516bf(416baaa9-dc9f-4396-8d5f-8c081fb06d67)
https://git.kernel.org/stable/c/bcb90a2834c7393c26df9609b889a3097b7700cd(416baaa9-dc9f-4396-8d5f-8c081fb06d67)
https://www.bencteux.fr/posts/missing_syscalls_audit/(416baaa9-dc9f-4396-8d5f-8c081fb06d67)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.