CVE-2026-58302 | rtapi_app in linuxcnc-uspace in LinuxCNC before 2.9.9 allows… | CVSS 8.4 HIGH

Description

rtapi_app in linuxcnc-uspace in LinuxCNC before 2.9.9 allows privilege escalation. It is installed SUID root and loads shared library modules via dlopen() by using a user-supplied module name. Insufficient validation of the module name allows path traversal, enabling an unprivileged local user to load an arbitrary shared library. Because the process retains elevated privileges during module loading, this results in local privilege escalation to root.

Metadata

CVE ID: CVE-2026-58302
State: PUBLISHED
Assigner: mitre
Reserved: 2026-06-30 01:09 UTC
Published: 2026-06-30 01:09 UTC
Last updated: 2026-06-30 01:09 UTC
Primary CWE: CWE-22
CWE-22 Improper Limitation of a Pathname to a Restricted Dir…
Vendor / Product: LinuxCNC / LinuxCNC
Sources: cve.org · NVD

Severity & Metrics

8.4 HIGH CVSS 3.1

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products (1)

Vendor	Product	Platform	Versions
LinuxCNC	LinuxCNC	—	0 < 2.9.9

Weakness (CWE)

CWE	Source	Description
CWE-22	cna	CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CVSS scores (1)

Score	Severity	Version	Source	Vector
8.4	HIGH	3.1	cna	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References (4)