Advisories » MGASA-2026-0175

Updated cockpit packages fix security vulnerabilities

Publication date: 05 Jun 2026
Modification date: 05 Jun 2026
Type: security
Affected Mageia releases: 9
CVE: CVE-2026-4802, CVE-2026-4631, CVE-2026-4800

Description

CVE-2026-4631: Cockpit's remote login feature passes user-supplied
hostnames and usernames from the web interface to the SSH client without
validation or sanitization. An attacker with network access to the
Cockpit web service can craft a single HTTP request to the login
endpoint that injects malicious SSH options or shell commands, achieving
code execution on the Cockpit host without valid credentials. The
injection occurs during the authentication flow before any credential
verification takes place, meaning no login is required to exploit the
vulnerability.

CVE-2026-4800: lodash vulnerable to code injection via `_.template`
imports key names.

CVE-2026-4802: A flaw was found in Cockpit. This vulnerability allows a
remote attacker to achieve arbitrary command execution on the host by
exploiting unsanitized user-controlled parameters within crafted links
in the system logs user interface (UI). An attacker can inject shell
metacharacters and command substitutions into these parameters, leading
to the execution of arbitrary shell commands on the affected system.
This could result in a complete system compromise.
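The mitigation for the CVE-2026-4631 class of bug is to allowlist-validate the hostname and username before they reach the SSH client, and to hand them over as an argument vector rather than a shell string. The following is an added illustration of that check, not Cockpit's own code; the regexes, the `build_ssh_argv` helper and the fixed option set are assumptions for the example.

```python
import re
from typing import List, Optional

# Hypothetical hardening example (not Cockpit's code). Both allowlists are
# deliberately strict: a value that begins with '-' (which ssh would parse
# as an option) or that contains whitespace, quotes or shell metacharacters
# can never match, so it is rejected before any process is started.
_HOST_LABEL = r"[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?"
HOSTNAME_RE = re.compile(rf"^{_HOST_LABEL}(?:\.{_HOST_LABEL})*\.?$")
# Lowercase POSIX-style login names; tighten or loosen per site policy.
USERNAME_RE = re.compile(r"^[a-z_][a-z0-9_-]{0,31}$")


def valid_hostname(host: str) -> bool:
    """RFC 1123 style host name or dotted IPv4 literal (IPv6 not covered here)."""
    return len(host) <= 253 and HOSTNAME_RE.fullmatch(host) is not None


def valid_username(user: str) -> bool:
    return USERNAME_RE.fullmatch(user) is not None


def build_ssh_argv(user: str, host: str, port: int = 22) -> Optional[List[str]]:
    """Return an argv list suitable for subprocess.run(shell=False), or None.

    Returning None (rather than raising) lets the caller map a rejected
    input to a generic login failure without leaking which field failed.
    """
    if not (valid_username(user) and valid_hostname(host)):
        return None
    if not 1 <= port <= 65535:
        return None
    # Fixed options come first; the validated user@host token is the final
    # positional argument, so user input can never be read as an ssh option.
    return ["ssh", "-p", str(port), "-o", "BatchMode=yes", f"{user}@{host}"]
```

Because the result is an argv list, no shell ever interprets the values; the allowlist is what stops option injection, and the list construction is what stops shell injection.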

References

SRPMS

9/core