CVE-2021-45417

Опубликовано: 20 янв. 2022

Источник: debian

EPSS Низкий

Описание

AIDE before 0.17.4 allows local users to obtain root privileges via crafted file metadata (such as XFS extended attributes or tmpfs ACLs), because of a heap-based buffer overflow.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
aide	fixed	0.17.4-1		package

Примечания

https://github.com/aide/aide/commit/175d1f2626f4500b4fc5ecb7167bba9956b174bc (v0.17.4)
https://www.openwall.com/lists/oss-security/2022/01/20/3

EPSS

Процентиль: 11%

0.00039

Низкий

Связанные уязвимости

CVE-2021-45417

CVSS3: 7.8

ubuntu

больше 3 лет назад

AIDE before 0.17.4 allows local users to obtain root privileges via crafted file metadata (such as XFS extended attributes or tmpfs ACLs), because of a heap-based buffer overflow.

CVE-2021-45417

CVSS3: 7.5

redhat

больше 3 лет назад

AIDE before 0.17.4 allows local users to obtain root privileges via crafted file metadata (such as XFS extended attributes or tmpfs ACLs), because of a heap-based buffer overflow.

CVE-2021-45417

CVSS3: 7.8

nvd

больше 3 лет назад

AIDE before 0.17.4 allows local users to obtain root privileges via crafted file metadata (such as XFS extended attributes or tmpfs ACLs), because of a heap-based buffer overflow.

openSUSE-SU-2022:0150-2

suse-cvrf

больше 3 лет назад

Security update for aide

openSUSE-SU-2022:0150-1

suse-cvrf

больше 3 лет назад

Security update for aide

EPSS

Процентиль: 11%

0.00039

Низкий