PatchSiren cyber security CVE debrief
CVE-2026-6893 Red Hat CVE debrief
A flaw was found in dracut. A remote attacker on the adjacent network can exploit this vulnerability by providing specially crafted DHCP (Dynamic Host Configuration Protocol) options, such as a malicious hostname, to a system using dracut's legacy DHCP path. These options are improperly handled and written into temporary shell scripts without proper escaping, leading to command injection. This allows the attacker to achieve root code execution within the initramfs, potentially compromising the system's boot and network behavior.
- Vendor: Red Hat
- Product: Red Hat Enterprise Linux 10
- CVSS: HIGH 8.8
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-06-10
- Original CVE updated: 2026-06-10
- Advisory published: 2026-06-10
- Advisory updated: 2026-06-10
Who should care
Users of dracut, particularly those using its legacy DHCP path, should be aware of this vulnerability and take steps to mitigate it.
Technical summary
The vulnerability is caused by improper handling of DHCP options in dracut's legacy DHCP path. An attacker can provide specially crafted DHCP options, such as a malicious hostname, which are written into temporary shell scripts without proper escaping, leading to command injection.
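The bug class described above, as an added POSIX sh example (constructed for this page; it is not dracut's code and not taken from the advisory): a network-supplied value written unescaped into a generated script, next to a writer that validates and single-quotes it. The function names, the `DHCP_HOSTNAME` variable and the sample values are assumptions.

```shell
#!/bin/sh
# Constructed illustration of the bug class; none of this is dracut's code.
LC_ALL=C; export LC_ALL

# Pattern described in the summary: the option value becomes shell source.
emit_unescaped() {   # $1 = DHCP-supplied value, $2 = script to generate
    echo "DHCP_HOSTNAME=$1" > "$2"
}

# Single-quote a string for sh: ' becomes '\'' and the result is wrapped in '...'.
sh_quote() {
    printf "'%s'" "$(printf '%s' "$1" | sed "s/'/'\\\\''/g")"
}

# Accept only RFC 1123 style host names: letters, digits, '-' and '.'.
is_valid_hostname() {
    [ -n "$1" ] && [ "${#1}" -le 253 ] || return 1
    case $1 in
        *[!A-Za-z0-9.-]*) return 1 ;;     # character outside the allowed set
        .*|*.|*..*) return 1 ;;           # empty label
        -*|*-|*.-*|*-.*) return 1 ;;      # label starts or ends with '-'
    esac
    return 0
}

# Hardened writer: reject bad values, and quote even the accepted ones.
emit_checked() {
    is_valid_hostname "$1" || return 1
    printf 'DHCP_HOSTNAME=%s\n' "$(sh_quote "$1")" > "$2"
}

# Source a generated script in a subshell and report whether MARKER was set
# by it, i.e. whether data from the option was executed as code.
marker_after_source() {
    ( MARKER=; . "$1"; [ -n "$MARKER" ] && echo ran || echo clean )
}

# Demo with a constructed value containing shell metacharacters.
tmp=$(mktemp -d)
emit_unescaped 'host; MARKER=1' "$tmp/unescaped.sh"
echo "unescaped writer: $(marker_after_source "$tmp/unescaped.sh")"
emit_checked 'host; MARKER=1' "$tmp/checked.sh" || echo "checked writer: value rejected"
rm -rf "$tmp"
```

Validation and quoting are kept as separate layers so that a value passing the allow-list is still emitted as inert data.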
Defensive priority
HIGH
Recommended defensive actions
- Apply patches or updates from the vendor as they become available.
- Use secure DHCP options and validate user input.
- Consider disabling the legacy DHCP path if not necessary.
Evidence notes
The CVE-2026-6893 vulnerability has a CVSS score of 8.8 and is classified as HIGH severity. The vulnerability was published on 2026-06-10T20:17:29.807Z and last modified on 2026-06-10T20:22:06.277Z.
Official resources
CVE-2026-6893 was published on 2026-06-10T20:17:29.807Z and last modified on 2026-06-10T20:22:06.277Z.