Описание
artswrapper in aRts, when running setuid root on Linux 2.6.0 or later versions, does not check the return value of the setuid function call, which allows local users to gain root privileges by causing setuid to fail, which prevents artsd from dropping privileges.
Ссылки
- Not Applicable
- Mailing List
- Broken LinkVendor Advisory
- Broken LinkVendor Advisory
- Broken LinkVendor Advisory
- Broken LinkVendor Advisory
- Broken LinkVendor Advisory
- Broken Link
- Broken Link
- Third Party Advisory
- Broken LinkThird Party AdvisoryVDB Entry
- Mailing ListThird Party Advisory
- Third Party Advisory
- PatchVendor Advisory
- Third Party Advisory
- Broken Link
- Broken Link
- Broken LinkThird Party AdvisoryVDB Entry
- Broken LinkPatchThird Party AdvisoryVDB Entry
- Broken LinkThird Party AdvisoryVDB Entry
Уязвимые конфигурации
Одновременно
Одно из
EPSS
7.8 High
CVSS3
6 Medium
CVSS2
Дефекты
Связанные уязвимости
artswrapper in aRts, when running setuid root on Linux 2.6.0 or later versions, does not check the return value of the setuid function call, which allows local users to gain root privileges by causing setuid to fail, which prevents artsd from dropping privileges.
artswrapper in aRts, when running setuid root on Linux 2.6.0 or later versions, does not check the return value of the setuid function call, which allows local users to gain root privileges by causing setuid to fail, which prevents artsd from dropping privileges.
artswrapper in aRts, when running setuid root on Linux 2.6.0 or later ...
artswrapper in aRts, when running setuid root on Linux 2.6.0 or later versions, does not check the return value of the setuid function call, which allows local users to gain root privileges by causing setuid to fail, which prevents artsd from dropping privileges.
Уязвимости операционной системы Gentoo Linux, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
EPSS
7.8 High
CVSS3
6 Medium
CVSS2