2 matches found
CVE-2017-18240
The Gentoo app-admin/collectd package before 5.7.2-r1 sets the ownership of PID file directory to the collectd account, which might allow local users to kill arbitrary processes by leveraging access to this account for PID file modification before a root script sends a SIGKILL when the service is...
CVE-2017-18240
The CVE affects Gentoo’s app-admin/collectd prior to 5.7.2-r1. The root cause is that the PID file directory ownership is set to the collectd account, enabling a local attacker to kill arbitrary processes by modifying the PID directory before a root SIGKILL. Impact is local privilege/denial of se...