Описание
chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.
It was found that chroot was vulnerable to TIOCSTI ioctl attacks, allowing the executed program to push characters to its TTY's input buffer. While being executed as a non-privileged user, a specially crafted program could force its parent TTY to enter commands, interpreted by the shell when chroot exits.
Отчет
This issue affects the versions of coreutils as shipped with Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this issue as having Moderate security impact. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | coreutils | Not affected | ||
| Red Hat Enterprise Linux 6 | coreutils | Will not fix | ||
| Red Hat Enterprise Linux 7 | coreutils | Will not fix |
Показывать по
Дополнительная информация
Статус:
EPSS
8.6 High
CVSS3
6.2 Medium
CVSS2
Связанные уязвимости
chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.
chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.
chroot in GNU coreutils, when used with --userspec, allows local users ...
chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.
EPSS
8.6 High
CVSS3
6.2 Medium
CVSS2