![oss-sec logo](/images/oss-sec-logo.png)
oss-sec mailing list archives
[CVE request] Local privilege escalation in libfep
From: Florian Weimer <fweimer () redhat com>
Date: Thu, 05 Jun 2014 13:40:02 +0200
It was discovered that libfep uses UNIX domain sockets in the abstract namespace in an insecure way. As a result, unprivileged local users were able to inject commands into running fep sessions of other users.
The upstream fix simply removes abstract namespace support, using a restricted directory to host the UNIX domain socket instead:
https://github.com/ueno/libfep/commit/293d9d3f Abstract namespace support was introduced in this commit: https://github.com/ueno/libfep/commit/5a170323This means that versions from 0.0.5 to 0.0.9 (inclusive) are vulnerable, and 0.1.0 has the fix.
-- Florian Weimer / Red Hat Product Security Team
Current thread:
- [CVE request] Local privilege escalation in libfep Florian Weimer (Jun 05)
- Re: [CVE request] Local privilege escalation in libfep cve-assign (Jun 06)