Описание
In libXfont before 1.5.4 and libXfont2 before 2.0.3, a local attacker can open (but not read) files on the system as root, triggering tape rewinds, watchdogs, or similar mechanisms that can be triggered by opening files.
Ссылки
- Third Party Advisory
- Mailing ListPatchThird Party Advisory
- Third Party Advisory
- Issue TrackingTool SignatureVDB Entry
- Issue TrackingMailing ListThird Party Advisory
- PatchThird Party Advisory
- PatchThird Party Advisory
- Third Party Advisory
- Third Party Advisory
- Mailing ListPatchThird Party Advisory
- Third Party Advisory
- Issue TrackingTool SignatureVDB Entry
- Issue TrackingMailing ListThird Party Advisory
- PatchThird Party Advisory
- PatchThird Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Одно из
Одно из
Одно из
EPSS
5.5 Medium
CVSS3
4.9 Medium
CVSS2
Дефекты
Связанные уязвимости
In libXfont before 1.5.4 and libXfont2 before 2.0.3, a local attacker can open (but not read) files on the system as root, triggering tape rewinds, watchdogs, or similar mechanisms that can be triggered by opening files.
In libXfont before 1.5.4 and libXfont2 before 2.0.3, a local attacker can open (but not read) files on the system as root, triggering tape rewinds, watchdogs, or similar mechanisms that can be triggered by opening files.
In libXfont before 1.5.4 and libXfont2 before 2.0.3, a local attacker ...
In libXfont before 1.5.4 and libXfont2 before 2.0.3, a local attacker can open (but not read) files on the system as root, triggering tape rewinds, watchdogs, or similar mechanisms that can be triggered by opening files.
Уязвимость библиотеки LibXfont, связанная с неверным определением символических ссылок перед доступом к файлу, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
5.5 Medium
CVSS3
4.9 Medium
CVSS2