Описание
Incomplete blacklist vulnerability in the chfn function in libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper program in the usermode package, allows local users to cause a denial of service (/etc/passwd corruption) via a newline character in the GECOS field.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | not-affected | 1:0.62~dfsg-0.1 |
| bionic | not-affected | 1:0.62~dfsg-0.1 |
| cosmic | not-affected | 1:0.62~dfsg-0.1 |
| devel | needs-triage | |
| disco | not-affected | 1:0.62~dfsg-0.1 |
| eoan | not-affected | 1:0.62~dfsg-0.1 |
| esm-apps/bionic | not-affected | 1:0.62~dfsg-0.1 |
| esm-apps/focal | not-affected | 1:0.62~dfsg-0.1 |
| esm-apps/jammy | not-affected | 1:0.62~dfsg-0.1 |
| esm-apps/noble | not-affected | 1:0.62~dfsg-0.1 |
Показывать по
Ссылки на источники
EPSS
2.1 Low
CVSS2
Связанные уязвимости
Incomplete blacklist vulnerability in the chfn function in libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper program in the usermode package, allows local users to cause a denial of service (/etc/passwd corruption) via a newline character in the GECOS field.
Incomplete blacklist vulnerability in the chfn function in libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper program in the usermode package, allows local users to cause a denial of service (/etc/passwd corruption) via a newline character in the GECOS field.
Incomplete blacklist vulnerability in the chfn function in libuser bef ...
Incomplete blacklist vulnerability in the chfn function in libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper program in the usermode package, allows local users to cause a denial of service (/etc/passwd corruption) via a newline character in the GECOS field.
EPSS
2.1 Low
CVSS2