CVE

CVE-2026-26158

busybox: BusyBox: Arbitrary file modification and privilege escalation via unvalidated tar archive entries (important)

CVE

CVE-2026-26158

busybox: BusyBox: Arbitrary file modification and privilege escalation via unvalidated tar archive entries (important)

DOCUMENTATION: A flaw was found in BusyBox. This vulnerability allows an attacker to modify files outside of the intended extraction directory by crafting a malicious tar archive containing unvalidated hardlink or symlink entries. If the tar archive is extracted with elevated privileges, this flaw can lead to privilege escalation, enabling an attacker to gain unauthorized access to critical system files.

MITIGATION: As a prevention measure, avoid extracting tar archives from untrusted sources using BusyBox, especially when operating with elevated privileges. If processing untrusted archives is unavoidable, ensure that the extraction process is performed within a strictly sandboxed environment with minimal permissions. This operational control reduces the risk of arbitrary file modification and privilege escalation.

Package Versions Affected

No items found.

Automatically patch vulnerabilities without upgrading

Fix Without Upgrading

Detect compatible fix

Apply safe remediation

Fix with a single pull request

CVSS Version

3.1

CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Related Resources

No items found.

References

https://access.redhat.com/security/cve/CVE-2026-26158

Severity

0

CVSS Score

Basic Information

Ecosystem

Base CVSS

EPSS Probability

0.00005%

EPSS Percentile

0.0023%

Introduced Version

Fix Available

Fix Critical Vulnerabilities Instantly

Secure your app without upgrading.

Fix Without Upgrading

Get a Demo

Let's Patch It!

CVE-2026-26158

CVE-2026-26158

Package Versions Affected

Automatically patch vulnerabilities without upgrading

CVSS Version

Related Resources

References

Severity

0

Basic Information

Fix Critical Vulnerabilities Instantly