Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 579
Alerts This Week
Warning Icon 1 579

Fedora 44 acl Critical Symlink Traversal Fix FEDORA-2026-6b9a652463

fedora
Calendar Grey July 10, 2026
Dist Fedora Esm H88
Critical Fedora 44 acl update since it fixes symlink privilege escalation issues to enhance system security.
rebase to v2.4.0 to fix CVE-2026-54369 and CVE-2026-54370 Resolves: CVE-2026-54369 Resolves: CVE-2026-54370

Summary

This package contains the getfacl and setfacl utilities needed for

manipulating access control lists.

Update Information:

rebase to v2.4.0 to fix CVE-2026-54369 and CVE-2026-54370 Resolves: CVE-2026-54369 Resolves: CVE-2026-54370

Change Log

* Thu Jul 9 2026 Lukáš Zaoral - 2.4.0-1 - rebase to v2.4.0 to fix the following CVEs: - CVE-2026-54369 - Symlink traversal privilege escalation via libacl functions - CVE-2026-54370 - TOCTOU Symlink Traversal via getfacl/setfacl

References


[ 1 ] Bug #2494173 - CVE-2026-54370 acl: TOCTOU Symlink Traversal via getfacl/setfacl [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2494173 [ 2 ] Bug #2494174 - CVE-2026-54369 acl: Symlink traversal privilege escalation via libacl functions [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2494174

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-6b9a652463' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: acl
Product: Fedora 44
Version: 2.4.0
Release: 1.fc44
Summary: Access control list utilities

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.