github.com/google/fscrypt is vulnerable to privilege escalation. It does not correctly restore the primary and supplementary group IDs to the values associated with the root user, allowing the attacker to escalate the privileges through applications that use the Linux-PAM (aka pam).
CPE | Name | Operator | Version |
---|---|---|---|
github.com/google/fscrypt | eq | HEAD | |
github.com/google/fscrypt | le | 0.2.3 |