CVE-2020-36657

Description

uptimed before 0.4.6-r1 on Gentoo allows local users (with access to the uptimed user account) to gain root privileges by creating a hard link within the /var/spool/uptimed directory, because there is an unsafe chown -R call.

Related CPE's

a uptimed_project uptimed *****gentoo **

References

https://bugs.gentoo.org/630810

ExploitPatchThird Party Advisory

CvssV3 impact

Could not find any metrics

CvssV2 impact

Could not find any metrics

Created by Yello

About Severity.io