| module = "github.com/google/fscrypt" |
| package = "github.com/google/fscrypt/pam" |
| |
| description = """ |
| After dropping and then elevating process privileges euid, guid, and groups |
| were not properly restored to their original values, allowing an unprivileged |
| user to gain membership in the root group. |
| """ |
| |
| cve = "CVE-2018-6558" |
| |
| symbols = ["NewHandle", "SetProcessPrivileges", "Handle.StopAsPamUser"] |
| |
| published = "2021-04-14T12:00:00Z" |
| |
| [[versions]] |
| fixed = "v0.2.4" |
| |
| [[additional_packages]] |
| module = "github.com/google/fscrypt" |
| package = "github.com/google/fscrypt/security" |
| symbols = ["UserKeyringID"] |
| |
| [links] |
| commit = "https://github.com/google/fscrypt/commit/3022c1603d968c22f147b4a2c49c4637dd1be91b" |
| context = ["https://github.com/google/fscrypt/issues/77"] |
