runuser in util-linux allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.
References
Link | Resource |
---|---|
http://www.openwall.com/lists/oss-security/2016/02/27/1 | Mailing List Third Party Advisory |
http://www.openwall.com/lists/oss-security/2016/02/27/2 | Mailing List Third Party Advisory |
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=815922 | Issue Tracking Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2017-02-07T15:00:00
Updated: 2017-02-07T13:57:01
Reserved: 2016-02-27T00:00:00
Link: CVE-2016-2779
JSON object: View
NVD Information
Status : Analyzed
Published: 2017-02-07T15:59:00.287
Modified: 2019-01-04T14:14:12.293
Link: CVE-2016-2779
JSON object: View
Redhat Information
No data.
CWE