Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2018-6558

Опубликовано: 23 авг. 2018
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 4.9
CVSS3: 6.5

Описание

The pam_fscrypt module in fscrypt before 0.2.4 may incorrectly restore primary and supplementary group IDs to the values associated with the root user, which allows attackers to gain privileges via a successful login through certain applications that use Linux-PAM (aka pam).

РелизСтатусПримечание
bionic

released

0.2.2-0ubuntu2.1
cosmic

ignored

end of life
devel

not-affected

0.2.4-2
disco

not-affected

0.2.4-2
esm-apps/bionic

released

0.2.2-0ubuntu2.1
esm-infra-legacy/trusty

DNE

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

needed

Показывать по

Ссылки на источники

EPSS

Процентиль: 43%
0.00206
Низкий

4.9 Medium

CVSS2

6.5 Medium

CVSS3

Связанные уязвимости

nvd логотип

CVE-2018-6558

CVSS3: 6.5
nvd
больше 7 лет назад

The pam_fscrypt module in fscrypt before 0.2.4 may incorrectly restore primary and supplementary group IDs to the values associated with the root user, which allows attackers to gain privileges via a successful login through certain applications that use Linux-PAM (aka pam).

debian логотип

CVE-2018-6558

CVSS3: 6.5
debian
больше 7 лет назад

The pam_fscrypt module in fscrypt before 0.2.4 may incorrectly restore ...

github логотип

GHSA-qj26-7grj-whg3

CVSS3: 6.5
github
больше 4 лет назад

Privilege Escalation in fscrypt

EPSS

Процентиль: 43%
0.00206
Низкий

4.9 Medium

CVSS2

6.5 Medium

CVSS3