ALT Linux Team

Package man-db update in p9 on 2019-11-12

ALT-PU-2019-3123-1

Package man-db updated to version 2.8.5-alt2 for branch p9 in task 240285.

Closed vulnerabilities

Published: 2023-01-27
Modified: 2024-11-21

CVE-2018-25078

man-db before 2.8.5 on Gentoo allows local users (with access to the man user account) to gain root privileges because /usr/bin/mandb is executed by root but not owned by root. (Also, the owner can strip the setuid and setgid bits.)

Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
VKontakte | Telegram | YouTube | Forum | GitHub | Bugzilla
Version: 2.1.0
Back to top