{
  "threat_severity" : "Moderate",
  "public_date" : "2026-04-07T21:29:44Z",
  "bugzilla" : {
    "description" : "flatpak: Flatpak: Arbitrary file deletion on host via improper cache file path validation",
    "id" : "2456284",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2456284"
  },
  "cvss3" : {
    "cvss3_base_score" : "6.7",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:L",
    "status" : "verified"
  },
  "cwe" : "CWE-22",
  "details" : [ "Flatpak is a Linux application sandboxing and distribution framework. Prior to 1.16.4, the caching for ld.so removes outdated cache files without properly checking that the app-controlled path to the outdated cache is in the cache directory. This allows Flatpak apps to delete arbitrary files on the host. This vulnerability is fixed in 1.16.4.", "A flaw was found in Flatpak, a Linux application sandboxing and distribution framework. The caching mechanism for ld.so (dynamic linker/loader) improperly removes outdated cache files without adequately verifying that the application-controlled path to the outdated cache is within the designated cache directory. This vulnerability allows Flatpak applications to delete arbitrary files on the host system, potentially leading to system instability or data loss." ],
  "statement" : "The CVE has been rated as moderate by Red Hat for multiple reasons. The vulnerability can only be exploited by executing a malicious Flatpak application on the local system. The attacker must already have the ability to provide a Flatpak package to the victim and have the victim install or run it locally. The attacker must execute a Flatpak application under a valid user account; hence the privilege required is low. A victim must install, trust, or launch the malicious Flatpak application.\nWithout user interaction, the exploit cannot occur because the attacker cannot independently trigger execution of the malicious package.",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 10",
    "release_date" : "2026-05-28T00:00:00Z",
    "advisory" : "RHSA-2026:21757",
    "cpe" : "cpe:/o:redhat:enterprise_linux:10.2",
    "package" : "flatpak-0:1.16.0-9.el10_2.1"
  }, {
    "product_name" : "Red Hat Enterprise Linux 10.0 Extended Update Support",
    "release_date" : "2026-06-04T00:00:00Z",
    "advisory" : "RHSA-2026:23420",
    "cpe" : "cpe:/o:redhat:enterprise_linux_eus:10.0",
    "package" : "flatpak-0:1.16.0-5.el10_0.2"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2026-05-28T00:00:00Z",
    "advisory" : "RHSA-2026:21756",
    "cpe" : "cpe:/a:redhat:enterprise_linux:8",
    "package" : "flatpak-0:1.12.9-4.el8_10"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
    "release_date" : "2026-06-11T00:00:00Z",
    "advisory" : "RHSA-2026:25381",
    "cpe" : "cpe:/a:redhat:rhel_aus:8.6",
    "package" : "flatpak-0:1.12.9-1.el8_6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On",
    "release_date" : "2026-06-11T00:00:00Z",
    "advisory" : "RHSA-2026:25381",
    "cpe" : "cpe:/a:redhat:rhel_eus_long_life:8.6",
    "package" : "flatpak-0:1.12.9-1.el8_6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
    "release_date" : "2026-06-10T00:00:00Z",
    "advisory" : "RHSA-2026:25068",
    "cpe" : "cpe:/a:redhat:rhel_tus:8.8",
    "package" : "flatpak-0:1.12.9-1.el8_8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
    "release_date" : "2026-06-10T00:00:00Z",
    "advisory" : "RHSA-2026:25068",
    "cpe" : "cpe:/a:redhat:rhel_e4s:8.8",
    "package" : "flatpak-0:1.12.9-1.el8_8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2026-05-28T00:00:00Z",
    "advisory" : "RHSA-2026:21755",
    "cpe" : "cpe:/a:redhat:enterprise_linux:9",
    "package" : "flatpak-0:1.12.9-4.el9_8.1"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
    "release_date" : "2026-06-04T00:00:00Z",
    "advisory" : "RHSA-2026:23419",
    "cpe" : "cpe:/a:redhat:rhel_e4s:9.2",
    "package" : "flatpak-0:1.12.7-5.el9_2.1"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions",
    "release_date" : "2026-06-04T00:00:00Z",
    "advisory" : "RHSA-2026:23417",
    "cpe" : "cpe:/a:redhat:rhel_e4s:9.4",
    "package" : "flatpak-0:1.12.9-3.el9_4.1"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9.6 Extended Update Support",
    "release_date" : "2026-06-04T00:00:00Z",
    "advisory" : "RHSA-2026:23418",
    "cpe" : "cpe:/a:redhat:rhel_eus:9.6",
    "package" : "flatpak-0:1.12.9-4.el9_6.1"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Affected",
    "package_name" : "flatpak",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2026-34079\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-34079\nhttps://github.com/flatpak/flatpak/security/advisories/GHSA-p29x-r292-46pp" ],
  "name" : "CVE-2026-34079",
  "mitigation" : {
    "value" : "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
    "lang" : "en:us"
  },
  "csaw" : false
}