Download
| Alert*
oval:org.secpod.oval:def:602760
Jann Horn of Google Project Zero discovered that NTFS-3G, a read-write NTFS driver for FUSE, does not scrub the environment before executing modprobe with elevated privileges. A local user can take advantage of this flaw for local root privilege escalation. oval:org.secpod.oval:def:51713 ntfs-3g: read/write NTFS driver for FUSE NTFS-3G could be made to load kernel modules as an administrator. oval:org.secpod.oval:def:703446 ntfs-3g: read/write NTFS driver for FUSE NTFS-3G could be made to load kernel modules as an administrator. |