Описание
An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges instead of by the tss user, it fails to drop the root gid privilege when no longer needed.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | trousers | Out of support scope | ||
| Red Hat Enterprise Linux 6 | trousers | Out of support scope | ||
| Red Hat Enterprise Linux 7 | trousers | Fix deferred | ||
| Red Hat Enterprise Linux 8 | trousers | Fixed | RHSA-2021:1627 | 18.05.2021 |
Показывать по
10
Дополнительная информация
Статус:
Low
Дефект:
CWE-271
https://bugzilla.redhat.com/show_bug.cgi?id=1870054trousers: fails to drop the root gid privilege when no longer needed
EPSS
Процентиль: 16%
0.00052
Низкий
7.8 High
CVSS3
Связанные уязвимости
CVSS3: 7.8
ubuntu
почти 5 лет назад
An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges instead of by the tss user, it fails to drop the root gid privilege when no longer needed.
CVSS3: 7.8
nvd
почти 5 лет назад
An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges instead of by the tss user, it fails to drop the root gid privilege when no longer needed.
CVSS3: 7.8
debian
почти 5 лет назад
An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon ...
EPSS
Процентиль: 16%
0.00052
Низкий
7.8 High
CVSS3