PatchSiren cyber security CVE debrief
CVE-2026-54229 Red Hat CVE debrief
CVE-2026-54229 is a HIGH-severity vulnerability with a CVSS score of 7. The vulnerability is caused by a race condition in the abrt-dbus D-Bus service's ChownProblemDir method. This method opens the dump directory with DD_OPEN_READONLY and calls dd_chown to change ownership of all files to the caller's uid, succeeding even while post-create event handlers hold a write lock. This allows an attacker to gain filesystem-level control of the dump directory while privileged event scripts are still running.
- Vendor: Red Hat
- Product: Red Hat Enterprise Linux 6
- CVSS: HIGH 7
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-06-13
- Original CVE updated: 2026-06-13
- Advisory published: 2026-06-13
- Advisory updated: 2026-06-13
Who should care
Users of Red Hat products may be affected by this vulnerability. The vendor is listed as 'Unknown Vendor' with low confidence, but there is evidence suggesting a connection to Red Hat.
Technical summary
The abrt-dbus D-Bus service's ChownProblemDir method is vulnerable to a race condition. This method opens the dump directory with DD_OPEN_READONLY and calls dd_chown to change ownership of all files to the caller's uid, and the call succeeds even while post-create event handlers hold a write lock. As a result, an attacker can gain filesystem-level control of the dump directory while privileged event scripts are still running.
Defensive priority
HIGH
Recommended defensive actions
- Apply patches or updates provided by the vendor to fix the vulnerability.
- Restrict access to the dump directory to prevent unauthorized modifications.
- Monitor the system for suspicious activity related to the abrt-dbus service.
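One way to act on the monitoring recommendation, as an added example that is not code from abrt or from the advisory: it flags any dump directory that still carries a lock marker while the directory or its files are no longer owned by the privileged uid, which is the state the race described above produces. The lock marker name `.lock`, the function names and the sample directory names are assumptions made for illustration.

```python
import os
import tempfile

# Assumption: the write lock shows up as an entry named ".lock" in the dump dir.
LOCK_NAME = ".lock"


def audit_dump_dir(path, privileged_uid=0, lock_name=LOCK_NAME):
    """Return entries not owned by privileged_uid while the lock is present."""
    lock_path = os.path.join(path, lock_name)
    # lexists: a lock implemented as a dangling symlink still counts as held.
    if not os.path.lexists(lock_path):
        return []
    findings = []
    # lstat everywhere so a planted symlink is inspected, not followed.
    if os.lstat(path).st_uid != privileged_uid:
        findings.append(path)
    with os.scandir(path) as entries:
        for entry in entries:
            if entry.name == lock_name:
                continue
            if entry.stat(follow_symlinks=False).st_uid != privileged_uid:
                findings.append(entry.path)
    return sorted(findings)


def audit_root(root, privileged_uid=0, lock_name=LOCK_NAME):
    """Audit every immediate subdirectory of root; map directory -> findings."""
    report = {}
    with os.scandir(root) as entries:
        for entry in entries:
            if entry.is_dir(follow_symlinks=False):
                hits = audit_dump_dir(entry.path, privileged_uid, lock_name)
                if hits:
                    report[entry.path] = hits
    return report


def build_sample_root():
    """Constructed sample: one locked and one unlocked dump directory."""
    root = tempfile.mkdtemp(prefix="dumpdirs-")
    for name, locked in (("ccpp-locked", True), ("ccpp-idle", False)):
        d = os.path.join(root, name)
        os.mkdir(d)
        with open(os.path.join(d, "coredump"), "w") as fh:
            fh.write("constructed sample\n")
        if locked:
            os.symlink("12345", os.path.join(d, LOCK_NAME))
    return root
```

This is a point-in-time check, so a clean result only shows that no locked directory was in the unexpected state at the moment of the scan.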
Evidence notes
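The CVE record was published on 2026-06-13T03:16:21.587Z and has not been modified since then. The vulnerability has been reported by Red Hat and has a CVSS vector of CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H, that is, a local attack vector, high attack complexity, low privileges required, no user interaction, unchanged scope, and high impact on confidentiality, integrity and availability.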
Official resources
CVE-2026-54229 was published on 2026-06-13T03:16:21.587Z.