Lucene search

K
ubuntuUbuntuUSN-804-1
HistoryJul 16, 2009 - 12:00 a.m.

PulseAudio vulnerability

2009-07-1600:00:00
ubuntu.com
64

6.2 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

0.4%

Releases

  • Ubuntu 9.04
  • Ubuntu 8.10
  • Ubuntu 8.04

Packages

  • pulseaudio -

Details

Tavis Ormandy, Julien Tinnes, and Yorick Koster discovered that PulseAudio did not
safely re-execute itself. A local attacker could exploit this to gain
root privileges.

OSVersionArchitecturePackageVersionFilename
Ubuntu9.04noarchpulseaudio< 1:0.9.14-0ubuntu20.2UNKNOWN
Ubuntu9.04noarchlibpulse-browse0< 1:0.9.14-0ubuntu20.2UNKNOWN
Ubuntu9.04noarchlibpulse-browse0-dbg< 1:0.9.14-0ubuntu20.2UNKNOWN
Ubuntu9.04noarchlibpulse-dev< 1:0.9.14-0ubuntu20.2UNKNOWN
Ubuntu9.04noarchlibpulse-mainloop-glib0< 1:0.9.14-0ubuntu20.2UNKNOWN
Ubuntu9.04noarchlibpulse-mainloop-glib0-dbg< 1:0.9.14-0ubuntu20.2UNKNOWN
Ubuntu9.04noarchlibpulse0< 1:0.9.14-0ubuntu20.2UNKNOWN
Ubuntu9.04noarchlibpulse0-dbg< 1:0.9.14-0ubuntu20.2UNKNOWN
Ubuntu9.04noarchlibpulsecore9< 1:0.9.14-0ubuntu20.2UNKNOWN
Ubuntu9.04noarchlibpulsecore9-dbg< 1:0.9.14-0ubuntu20.2UNKNOWN
Rows per page:
1-10 of 751

6.2 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

0.4%