Описание
An issue was discovered in slicer69 doas before 6.2 on certain platforms other than OpenBSD. A setusercontext(3) call with flags to change the UID, primary GID, and secondary GIDs was replaced (on certain platforms: Linux and possibly NetBSD) with a single setuid(2) call. This resulted in neither changing the group id nor initializing secondary group ids.
Ссылки
- PatchThird Party Advisory
- PatchRelease NotesThird Party Advisory
- ExploitThird Party Advisory
- PatchThird Party Advisory
- PatchRelease NotesThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Одновременно
EPSS
8.8 High
CVSS3
9 Critical
CVSS2
Дефекты
Связанные уязвимости
An issue was discovered in slicer69 doas before 6.2 on certain platforms other than OpenBSD. A setusercontext(3) call with flags to change the UID, primary GID, and secondary GIDs was replaced (on certain platforms: Linux and possibly NetBSD) with a single setuid(2) call. This resulted in neither changing the group id nor initializing secondary group ids.
Уязвимость функции setusercontext() утилиты doas, позволяющая нарушителю оказать воздействие на целостность, конфиденциальность и доступность защищаемой информации
EPSS
8.8 High
CVSS3
9 Critical
CVSS2