CVE-2008-0008

Sažetak

The pa_drop_root function in PulseAudio 0.9.8, and a certain 0.9.9 build, does not check return values from (1) setresuid, (2) setreuid, (3) setuid, and (4) seteuid calls when attempting to drop privileges, which might allow local users to gain privileges by causing those calls to fail via attacks such as resource exhaustion.

Reference

http://bugs.gentoo.org/show_bug.cgi?id=207214
http://pulseaudio.org/changeset/2100
http://secunia.com/advisories/28608
http://secunia.com/advisories/28623
http://secunia.com/advisories/28738
http://secunia.com/advisories/28952
http://security.gentoo.org/glsa/glsa-200802-07.xml
http://www.debian.org/security/2008/dsa-1476
http://www.mandriva.com/security/advisories?name=MDVSA-2008:027
http://www.securityfocus.com/bid/27449
http://www.ubuntu.com/usn/usn-573-1
http://www.vupen.com/english/advisories/2008/0283
https://bugzilla.novell.com/show_bug.cgi?id=347822
https://bugzilla.redhat.com/show_bug.cgi?id=425481
https://exchange.xforce.ibmcloud.com/vulnerabilities/39992
https://tango.0pointer.de/pipermail/pulseaudio-discuss/2008-January/001228.html
https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00852.html
https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00869.html

CVSS

Base:	7.2
Impact:	10.0
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:L/AC:L/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

09-01-2024 - 02:46

Objavljeno

29-01-2008 - 00:00