Skip to main content
Skip table of contents

ISN 2025-24: Command Execution in IGEL OS

First published 30 June 2025

CVSS:3.1: 8.8 (High)

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Summary

A security vulnerability has been found in the IGEL OS base system. This affects the following product versions:

  • IGEL OS 12

  • IGEL OS 11

Details

An issue has been found in the way IGEL OS handles the LD_PRELOAD environment variable. This may enable a local user to execute arbitrary commands, even in the session of another user.

Update Instructions

  • OS 12: Update to IGEL OS 12.7.1.

  • OS 11: Update to IGEL OS 11.10.410 when available (planned for July).

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close