Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2017-0358

Опубликовано: 13 апр. 2018
Источник: debian

Описание

Jann Horn of Google Project Zero discovered that NTFS-3G, a read-write NTFS driver for FUSE, does not scrub the environment before executing modprobe with elevated privileges. A local user can take advantage of this flaw for local root privilege escalation.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
ntfs-3gfixed1:2016.2.22AR.1-4package

Примечания

  • PoC https://www.openwall.com/lists/oss-security/2017/02/04/1

Связанные уязвимости

ubuntu логотип

CVE-2017-0358

CVSS3: 7.8
ubuntu
почти 8 лет назад

Jann Horn of Google Project Zero discovered that NTFS-3G, a read-write NTFS driver for FUSE, does not scrub the environment before executing modprobe with elevated privileges. A local user can take advantage of this flaw for local root privilege escalation.

nvd логотип

CVE-2017-0358

CVSS3: 7.8
nvd
почти 8 лет назад

Jann Horn of Google Project Zero discovered that NTFS-3G, a read-write NTFS driver for FUSE, does not scrub the environment before executing modprobe with elevated privileges. A local user can take advantage of this flaw for local root privilege escalation.

suse-cvrf логотип

openSUSE-SU-2018:3696-1

suse-cvrf
около 7 лет назад

Security update for ntfs-3g_ntfsprogs

suse-cvrf логотип

SUSE-SU-2018:3587-2

suse-cvrf
около 7 лет назад

Security update for ntfs-3g_ntfsprogs

suse-cvrf логотип

SUSE-SU-2018:3587-1

suse-cvrf
больше 7 лет назад

Security update for ntfs-3g_ntfsprogs