EUVD-2017-11154

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2017-20148

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the ebuild package through logcheck-1.3.23.ebuild for Logcheck on Gentoo, it is possible to achieve root privilege escalation from the logcheck user because ...

GLSA-202209-10 : Logcheck: Root privilege escalation

The remote host is affected by the vulnerability described in GLSA-202209-10 Logcheck: Root privilege escalation - In the ebuild package through logcheck-1.3.23.ebuild for Logcheck on Gentoo, it is possible to achieve root privilege escalation from the logcheck user because of insecure recursive...

CVE-2017-20148

In the ebuild package through logcheck-1.3.23.ebuild for Logcheck on Gentoo, it is possible to achieve root privilege escalation from the logcheck user because of insecure recursive chown calls...

Privilege escalation

In the ebuild package through logcheck-1.3.23.ebuild for Logcheck on Gentoo, it is possible to achieve root privilege escalation from the logcheck user because of insecure recursive chown calls...

UBUNTU-CVE-2017-20148

In the ebuild package through logcheck-1.3.23.ebuild for Logcheck on Gentoo, it is possible to achieve root privilege escalation from the logcheck user because of insecure recursive chown calls...

OPENSUSE-SU-2021:0348-1 Security update for pcp

This update for pcp fixes the following issues: - Drop unnecessary %pre/%post recursive chown calls bsc1152533 This update was imported from the SUSE:SLE-15-SP1:Update update project...

systemd - chown_one() Dereference Symlinks

systemd - chownone Dereference Symlinks I am sending this bug report to Ubuntu, even though it's an upstream bug, as requested at https://github.com/systemd/systemd/blob/master/docs/CONTRIBUTING.mdsecurity-vulnerability-reports . When chownone in the recursive chown logic decides that it has to...

systemd - 'chown_one()' Dereference Symlinks

I am sending this bug report to Ubuntu, even though it's an upstream bug, as requested at https://github.com/systemd/systemd/blob/master/docs/CONTRIBUTING.mdsecurity-vulnerability-reports . When chownone in the recursive chown logic decides that it has to change ownership of a directory entry, it...

UBUNTU-CVE-2017-18188

OpenRC opentmpfiles through 0.1.3, when the fs.protectedhardlinks sysctl is turned off, allows local users to obtain ownership of arbitrary files by creating a hard link inside a directory on which "chown -R" will be run...

CVE-2017-16638

The Gentoo net-misc/vde package before version 2.3.2-r4 may allow members of the "qemu" group to gain root privileges by creating a hard link in a directory on which "chown" is called recursively by the OpenRC service script...