In open buildservice 2.6 before 2.6.3, 2.5 before 2.5.7 and 2.4 before 2.4.8 the source service patch application could generate non-standard files like symlinks or device nodes, which could allow buildservice users to break of confinement or cause denial of service attacks on the source service.
CPE | Name | Operator | Version |
---|---|---|---|
open_buildservice | ge | 2.4 | |
open_buildservice | lt | 2.4.8 | |
open_buildservice | ge | 2.5 | |
open_buildservice | lt | 2.5.7 | |
open_buildservice | ge | 2.6 | |
open_buildservice | lt | 2.6.3 |