CVE-2016-2568

Опубликовано: 13 фев. 2017

Источник: ubuntu

Приоритет: low

EPSS Низкий

CVSS2: 4.4

CVSS3: 7.8

Описание

pkexec, when used with --user nonpriv, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.

Релиз	Статус	Примечание
artful	ignored	end of life
bionic	ignored	end of standard support, was deferred
cosmic	ignored	end of life
devel	deferred
disco	ignored	end of life
eoan	ignored	end of life
esm-infra-legacy/trusty	deferred
esm-infra/bionic	deferred
esm-infra/focal	deferred
esm-infra/xenial	deferred

Показывать по

Ссылки на источники

EPSS

Процентиль: 34%

0.00131

Низкий

4.4 Medium

CVSS2

7.8 High

CVSS3

Связанные уязвимости

CVE-2016-2568

CVSS3: 6.1

redhat

почти 10 лет назад

pkexec, when used with --user nonpriv, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.

CVE-2016-2568

CVSS3: 7.8

nvd

почти 9 лет назад

pkexec, when used with --user nonpriv, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.

CVE-2016-2568

CVSS3: 7.8

msrc

3 месяца назад

pkexec, when used with --user nonpriv, allows local users to escape to the parent session

CVE-2016-2568

CVSS3: 7.8

debian

почти 9 лет назад

pkexec, when used with --user nonpriv, allows local users to escape to ...

GHSA-8vgc-x7hv-3g84

CVSS3: 7.8

github

больше 3 лет назад

pkexec, when used with --user nonpriv, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.

EPSS

Процентиль: 34%

0.00131

Низкий

4.4 Medium

CVSS2

7.8 High

CVSS3

CVE-2016-2568

Описание

Пакет policykit-1

Ссылки на источники

Связанные уязвимости