Security Advisory

CVE-2015-8325

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2016-05-01 00:00:00

Last updated 2026-05-22 14:29:32

Assigner mitre

State PUBLISHED

Description

The do_setup_env function in session.c in sshd in OpenSSH through 7.2p2, when the UseLogin feature is enabled and PAM is configured to read .pam_environment files in user home directories, allows local users to gain privileges by triggering a crafted environment for the /bin/login program, as demonstrated by an LD_PRELOAD environment variable.

← Browse all CVEs View on cve.org ↗