Main Vulnerability Database SB2026052784

SB2026052784 - SUSE update for bubblewrap

Published: May 27, 2026

Security Bulletin ID SB2026052784

CSH Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 vulnerability.

1) Improper privilege management (CVE-ID: CVE-2026-41163)

CWE-ID: CWE-269 - Improper Privilege Management

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

The vulnerability allows a local user to escalate privileges.

The vulnerability exists due to improper access control in setuid mode when handling ptrace attachment during the sandbox setup phase. A local user can attach to bubblewrap with ptrace and control the unprivileged part of the sandbox setup phase to escalate privileges.

Only installations running in setuid mode are vulnerable, and exploitation is possible in configurations that support overlayfs mounts.

Remediation

Install update from vendor's website.

References

https://www.suse.com/support/update/announcement/2026/suse-su-20262094-1/

SB2026052784 - SUSE update for bubblewrap

Breakdown by Severity

Description

Remediation

References

Please verify you're human