Security Advisory

CVE-2018-6558

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2018-08-23 20:00:00

Last updated 2024-09-17 02:06:50

Assigner canonical

State PUBLISHED

Description

The pam_fscrypt module in fscrypt before 0.2.4 may incorrectly restore primary and supplementary group IDs to the values associated with the root user, which allows attackers to gain privileges via a successful login through certain applications that use Linux-PAM (aka pam).

← Browse all CVEs View on cve.org ↗