Control: retitle -1 LinuxCNC: Security issue in suid RTAPI component 
(CVE-2026-58302)

On Sun, Jun 28, 2026 at 05:46:20PM +0200, Petter Reinholdtsen wrote:
> 
> Package: linuxcnc-uspace
> Severity: important
> Version: 1:2.9.0
>  
> According to the release announcement for version 2.9.9, there is a
> security issue that need to be fixed in LinuxCNC:
> 
>   To address the last part first, it has been noted by two separate
>   people that a weakness in the RTAPI allows for privilege escalation as
>   it runs as setuid root (to give direct access to hardware). Given the
>   use-case for most LinuxCNC machines this is unlilely to be a problem
>   in most cases; most hobby users will have root access anyway. The
>   issue has been patched in both 2.9 and in the development branch.

This got CVE-2026-58302 assigned.

Regards,
Salvatore


_______________________________________________
Emc-developers mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/emc-developers

Reply via email to