Main Vulnerability Database Exploits ID:12211 - Exploit for OS Command Injection in Abrt - CVE-2025-12744

ID:12211 - Exploit for OS Command Injection in Abrt - CVE-2025-12744

Published: December 17, 2025

Vulnerability identifier: #VU119261

Vulnerability risk: Low

CVE-ID: CVE-2025-12744

CWE-ID: CWE-78

Exploitation vector: Local access

Vulnerable software:
Abrt

Link to public exploit:

https://github.com/initstring/abrt_root

Vulnerability description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to software extracts a 12-byte substring from user-controlled mount information and embedding it verbatim into a shell command constructed with g_strdup_printf("docker inspect %s", container_id). A local user can execute arbitrary OS commands with root privileges.

Remediation

Install updates from vendor's website.

ID:12211 - Exploit for OS Command Injection in Abrt - CVE-2025-12744

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human