CVE-2026-6893

HIGH 7.5

Published 2026-06-10 · Last modified 2026-06-30

A flaw was found in dracut. A remote attacker on the adjacent network can exploit this vulnerability by providing specially crafted DHCP (Dynamic Host Configuration Protocol) options, such as a malicious hostname, to a system using dracut's legacy DHCP path. These options are improperly handled and written into temporary shell scripts without proper escaping, leading to command injection. This allows the attacker to achieve root code execution within the initramfs, potentially compromising the system's boot and network behavior.

ELEVATED IMPACT

Severe if exploited (CVSS 7.5), but no known exploitation and low modeled probability. Patch on a normal cadence.

Exploitation likelihood

1.1% chance of exploitation in 30 days · 62nd percentile

○ In CISA KEV ○ Public exploit / PoC

Impact if exploited

7.5 CVSS 3.1 · HIGH

  • Confidentiality: High
  • Integrity: High
  • Availability: High

What an attacker needs

  • Access: Must sit on the same / adjacent network
  • Privileges: No account or privileges required
  • User interaction: No user interaction needed
  • Complexity: Needs a race window or specific setup

Affected

Vendors: Red Hat

Products:

  • Red Hat Enterprise Linux 10
  • Red Hat Enterprise Linux 8
  • Red Hat Enterprise Linux 9
  • Red Hat Hardened Images
  • Red Hat Enterprise Linux 6
  • Red Hat Enterprise Linux 7
  • Red Hat Openshift Container Platform 4
  • Red Hat Enterprise Linux Appstream (V. 10)

Weakness (CWE)

  • CWE-78: OS command injection

CVSS vector

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Sources: NVD · CVE.org · EPSS