2 matches found
CVE-2018-0492
Beep is affected by CVE-2018-0492: a race condition in the setuid-beep path allows local privilege escalation in the beep package (version around 1.3.4). Public disclosures reference Gentoo GLSA-201805-15 and Debian/DLA-1338-1; Fedora also released an update (beep-1.3-26.fc28). Mitigation in the ...
CVE-2018-1000532
The CVE-2018-1000532 issue affects beep (version 1.3 and later). A vulnerability named External Control of File Name or Path exists in the --device option that can allow a local unprivileged user to inhibit execution of arbitrary programs by other users, enabling DoS. Public references in connect...