CVE-2022-37706
Published
CVSS v3
7.8
HIGH
CVSS v2
N/A
Affected
1
PROJECT
Description
enlightenment_sys in Enlightenment before 0.25.4 allows local users to gain privileges because it is setuid root, and the system library function mishandles pathnames that begin with a /dev/.. substring.
A reliable exploit + write-up to elevate privileges to root. (Tested on Ubuntu 22.04)
GitHub