CVE-2017-18188

Published February 14th, 2018

View on NVD ↗

CVSS v3

N/A

CVSS v2

2.1

LOW

Affected

PROJECT

Description

OpenRC opentmpfiles through 0.1.3, when the fs.protected_hardlinks sysctl is turned off, allows local users to obtain ownership of arbitrary files by creating a hard link inside a directory on which "chown -R" will be run.

OpenRC/opentmpfiles

a standalone utility for handling systemd-style tmpfiles.d settings

GitHub