blob: a897f6d125d085577ebabc645abd7bd3ba4c6a67 [file] [log] [blame]
module: github.com/google/fscrypt
package: github.com/google/fscrypt/pam
additional_packages:
- module: github.com/google/fscrypt
package: github.com/google/fscrypt/security
symbols:
- UserKeyringID
versions:
- fixed: v0.2.4
description: |
After dropping and then elevating process privileges euid, guid, and groups
are not properly restored to their original values, allowing an unprivileged
user to gain membership in the root group.
published: 2021-04-14T12:00:00Z
cve: CVE-2018-6558
symbols:
- NewHandle
- SetProcessPrivileges
- Handle.StopAsPamUser
links:
commit: https://github.com/google/fscrypt/commit/3022c1603d968c22f147b4a2c49c4637dd1be91b
context:
- https://github.com/google/fscrypt/issues/77