Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): openrc
  • Search Type: Search All
There are 4 matching records.
Displaying matches 1 through 4.
Vuln ID Summary CVSS Severity
CVE-2018-21269

checkpath in OpenRC through 0.42.1 might allow local users to take ownership of arbitrary files because a non-terminal path component can be a symlink.

Published: October 27, 2020; 12:15:10 AM -0400
V3.1: 5.5 MEDIUM
V2.0: 2.1 LOW
CVE-2017-18925

opentmpfiles through 0.3.1 allows local users to take ownership of arbitrary files because d entries are mishandled and allow a symlink attack.

Published: October 26, 2020; 2:15:14 PM -0400
V3.1: 5.5 MEDIUM
V2.0: 2.1 LOW
CVE-2017-18188

OpenRC opentmpfiles through 0.1.3, when the fs.protected_hardlinks sysctl is turned off, allows local users to obtain ownership of arbitrary files by creating a hard link inside a directory on which "chown -R" will be run.

Published: February 14, 2018; 3:29:00 PM -0500
V3.0: 5.5 MEDIUM
V2.0: 2.1 LOW
CVE-2017-16638

The Gentoo net-misc/vde package before version 2.3.2-r4 may allow members of the "qemu" group to gain root privileges by creating a hard link in a directory on which "chown" is called recursively by the OpenRC service script.

Published: November 06, 2017; 6:29:00 PM -0500
V3.0: 9.8 CRITICAL
V2.0: 10.0 HIGH