CVE-2026-6843: Use of Externally-Controlled Format String in Red Hat Red Hat Enterprise Linux 10
CVE-2026-6843 is a format string vulnerability in the nano text editor on Red Hat Enterprise Linux 10. A local user can cause nano to crash by creating a directory with a name containing printf format specifiers, which triggers a segmentation fault in the vulnerable statusline() function. This results in a denial of service (DoS) condition. The vulnerability has a medium severity with a CVSS score of 5. 5. There is no vendor advisory indicating a patch or fix at this time.
AI Analysis
Technical Summary
This vulnerability involves an externally-controlled format string in the nano text editor on Red Hat Enterprise Linux 10. Specifically, when nano attempts to display directory names containing printf format specifiers in its statusline() function, it can trigger a segmentation fault. This flaw allows a local user to cause a denial of service by crashing the nano application. The CVSS 3.1 vector indicates local attack vector, low complexity, no privileges required, user interaction required, unchanged scope, no confidentiality or integrity impact, and high impact on availability.
Potential Impact
The impact is a denial of service condition caused by crashing the nano text editor when it processes directory names with malicious format specifiers. There is no indication of confidentiality or integrity compromise. The vulnerability requires local user access and user interaction to trigger. No known exploits in the wild have been reported.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. At this time, no official fix or patch has been published by Red Hat. Users should monitor the Red Hat advisory page for updates. Until a fix is available, avoid opening directories with untrusted or suspicious names containing format specifiers in nano.
CVE-2026-6843: Use of Externally-Controlled Format String in Red Hat Red Hat Enterprise Linux 10
Description
CVE-2026-6843 is a format string vulnerability in the nano text editor on Red Hat Enterprise Linux 10. A local user can cause nano to crash by creating a directory with a name containing printf format specifiers, which triggers a segmentation fault in the vulnerable statusline() function. This results in a denial of service (DoS) condition. The vulnerability has a medium severity with a CVSS score of 5. 5. There is no vendor advisory indicating a patch or fix at this time.
CVSS v3.1
Score 5.5medium
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This vulnerability involves an externally-controlled format string in the nano text editor on Red Hat Enterprise Linux 10. Specifically, when nano attempts to display directory names containing printf format specifiers in its statusline() function, it can trigger a segmentation fault. This flaw allows a local user to cause a denial of service by crashing the nano application. The CVSS 3.1 vector indicates local attack vector, low complexity, no privileges required, user interaction required, unchanged scope, no confidentiality or integrity impact, and high impact on availability.
Potential Impact
The impact is a denial of service condition caused by crashing the nano text editor when it processes directory names with malicious format specifiers. There is no indication of confidentiality or integrity compromise. The vulnerability requires local user access and user interaction to trigger. No known exploits in the wild have been reported.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. At this time, no official fix or patch has been published by Red Hat. Users should monitor the Red Hat advisory page for updates. Until a fix is available, avoid opening directories with untrusted or suspicious names containing format specifiers in nano.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- redhat
- Date Reserved
- 2026-04-22T07:23:19.148Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
- Vendor Advisory Urls
- [{"url":"https://access.redhat.com/security/cve/CVE-2026-6843","vendor":"Red Hat"}]
Threat ID: 69e88e5219fe3cd2cd83b850
Added to database: 4/22/2026, 9:01:06 AM
Last enriched: 6/3/2026, 9:17:07 PM
Last updated: 6/6/2026, 8:54:01 AM
Views: 81
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.