Lucene search

K
broadcomBroadcom Security ResponseBSA-2017-349
HistoryJun 23, 2017 - 12:00 a.m.

BSA-2017-349

2017-06-2300:00:00
Broadcom Security Response
5

Summary

A flaw was found in the way sudo parsed tty information from the process status file in the proc filesystem. A local user with privileges to execute commands via sudo could use this flaw to escalate their privileges to root.

Affected Products Product Current Assessment
Brocade SLX-OS Impacted: Appliance fixed in 17r2.01.
Products Confirmed Not Vulnerable

Brocade FastIron OS, Brocade NetIron OS, Brocade ServerIron ADX, Brocade Virtual ADX, Brocade Virtual Web Application Firewall, and Brocade Workflow Composer are confirmed not affected by this vulnerability.

Workaround

There are no workarounds that address this vulnerability.


Revision History

Version Change Date
1.0 Initial Publication June 23, 2017
2.0 Updated to address ADX, vADX, & WC October 27, 2017