Security Advisory

CVE-2023-1521

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-11-26 11:15:59

Last updated 2024-11-26 20:45:48

Assigner mozilla

State PUBLISHED

Description

On Linux the sccache client can execute arbitrary code with the privileges of a local sccache server, by preloading the code in a shared library passed to LD_PRELOAD. If the server is run as root (which is the default when installing the snap package https://snapcraft.io/sccache ), this means a user running the sccache client can get root privileges.

← Browse all CVEs View on cve.org ↗