A flaw was found in the ABRT daemon’s handling of user-supplied mount information.ABRT copies up to 12 characters from an untrusted input and places them directly into a shell command (docker inspect %s) without proper validation. An unprivileged local user can craft a payload that injects shell metacharacters, causing the root-running ABRT process to execute attacker-controlled commands and ultimately gain full root privileges.
CVE-2025-12744: A flaw was found in the ABRT daemon’s handling of user-supplied mount information.ABRT copies up to 12 characters from …
A flaw in ABRT daemon's handling of user-supplied mount information (CVE-2025-12744) allows local users to inject shell metacharacters and gain root privileges.