Fabre

#1140106 rrdtool: CVE-2026-43958 #1140106

Package:: src:rrdtool

Source:: src:rrdtool

Submitter:: Moritz Mühlenhoff

Date:: 2026-06-15 20:55:04 UTC

Severity:: normal

Tags:

#1140106#5

Date:: 2026-06-15 20:54:10 UTC

From:

To:

Hi,

The following vulnerability was published for rrdtool.

CVE-2026-43958[0]:
| A flaw was found in rrdcached, a component of rrdtool. A local
| attacker with access to a rrdcached socket can exploit a stack-based
| buffer overflow by sending an oversized CREATE request. This
| vulnerability can lead to a denial of service by crashing the daemon
| or potentially allow for arbitrary code execution, impacting the
| integrity and confidentiality of data.

https://bugzilla.redhat.com/show_bug.cgi?id=2460932


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2026-43958
https://www.cve.org/CVERecord?id=CVE-2026-43958

Please adjust the affected versions in the BTS as needed.

#1140106 rrdtool: CVE-2026-43958 #1140106

Just Reply to ...

Reply to submitter ...

Send control command (Silently)

Set Architecture Tags (Silently)