Описание
Rocks Clusters 4.1 and earlier allows local users to gain privileges via commands enclosed with escaped backticks (`) in an argument to the (1) mount-loop (mount-loop.c) or (2) umount-loop (umount-loop.c) command, which is not filtered in a system function call.
Ссылки
- PatchVendor Advisory
- ExploitPatch
- Exploit
- Exploit
- PatchVendor Advisory
- ExploitPatch
- Exploit
- Exploit
Уязвимые конфигурации
Конфигурация 1Версия до 4.1 (включая)
cpe:2.3:a:rocks_clusters:rocks_clusters:*:*:*:*:*:*:*:*
EPSS
Процентиль: 62%
0.0043
Низкий
4.6 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Rocks Clusters 4.1 and earlier allows local users to gain privileges via commands enclosed with escaped backticks (\`) in an argument to the (1) mount-loop (mount-loop.c) or (2) umount-loop (umount-loop.c) command, which is not filtered in a system function call.
EPSS
Процентиль: 62%
0.0043
Низкий
4.6 Medium
CVSS2
Дефекты
NVD-CWE-Other