oss-sec mailing list archives
Re: CVE-2017-0358 ntfs-3g: modprobe influence vulnerability via environment variables
From: Agostino Sarubbo <ago () gentoo org>
Date: Wed, 01 Feb 2017 14:07:31 +0100
On Wednesday 01 February 2017 07:44:15 Laszlo Boszormenyi wrote:
This is the case for Debian,Ubuntu and probably Gentoo.
To clarify: on Gentoo the package is installed as setuid only when there is USE="suid" which is not active by default. I reported the issue into our bugzilla as well. Thanks for the report. -- Agostino Sarubbo Gentoo Linux Developer
Current thread:
- CVE-2017-0358 ntfs-3g: modprobe influence vulnerability via environment variables Laszlo Boszormenyi (GCS) (Feb 01)
- Re: CVE-2017-0358 ntfs-3g: modprobe influence vulnerability via environment variables Agostino Sarubbo (Feb 01)
- Re: CVE-2017-0358 ntfs-3g: modprobe influence vulnerability via environment variables Kristian Erik Hermansen (Feb 03)