In the ebuild package through logcheck-1.3.23.ebuild for Logcheck on Gentoo, it is possible to achieve root privilege escalation from the logcheck user because of insecure recursive chown calls.
References
Link | Resource |
---|---|
https://bugs.gentoo.org/630752 | Exploit Issue Tracking Patch Third Party Advisory |
https://security.gentoo.org/glsa/202209-10 | Third Party Advisory |
https://bugs.gentoo.org/630752 | Exploit Issue Tracking Patch Third Party Advisory |
https://security.gentoo.org/glsa/202209-10 | Third Party Advisory |
Configurations
History
29 May 2025, 14:15
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-732 |
21 Nov 2024, 03:22
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-09-20 18:15
Updated : 2025-05-29 14:15
NVD link : CVE-2017-20148
Mitre link : CVE-2017-20148
CVE.ORG link : CVE-2017-20148
JSON object : View
Products Affected
debian
- logcheck
CWE