-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Package : das-watchdog Version : 0.9.0-2+deb6u1 CVE ID : CVE-2015-2831 Debian Bug : 781806
Adam Sampson discovered a buffer overflow in the handling of the XAUTHORITY environment variable in das-watchdog, a watchdog daemon to ensure a realtime process won't hang the machine. A local user can exploit this flaw to escalate his privileges and execute arbitrary code as root. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCgAGBQJVKo5pAAoJEAVMuPMTQ89EpS4P/34TMYuRaKqX1XJbR89dKM/Z tmJqbie4OhJWlxF1hUpWzWPPSx4vfNE5KiyI7jYQJF78UTPk9iKjI4eLUwpSbz6V aZSvqWibYwpmGsMp5RWHnf8mk8wfjuSvtSVcVtmn9AnY33jCMx0p3bcjDyijMlZ4 y7m/lMO4IMUgAhtXfsMjuxyJWLpPYtVyU/2AcI0OdoR4wViu354PFwc8Al9pqNb/ uwfgIFsmMZYEFBB/4LV818JOIJtN42C7rkKtW94xIkIvvUCyU/yK5jKpjtErOmkz 2/RKh0Ry2brG5UgJH9Ox9l3zaF67On4DsZx++AEd1H8nyd0/nCoExmKPBncIjQ+g fiG0vVVmEc4Mku+mLDRqzVg/dc8FlgUAhU25xmZ/m64DjJoizuGCRDKDZWhVdy8/ l9pUScW/31Y/Z9oj6mIO+UcKPpw8DSs33Ad8NF95mZfekpBwbGKtsI4JcOTg7Qd9 uzpAlGjvqV/a0asOJq1EvmH8IeEmQFRR9h1GfgNSNtng8aYfGkpdpHhCguJCKore TsmWfYCnvR24swckGEc35RRYRdMS92grZJyXFMVBxa8rmN8zrEfJxr/kigEWc733 h6BkuqS8wVU4o1LoWlBwqijF8hd0voqVjIF3wRiNbd1j72bx/EtWtlJIezijJvF0 XHvt6Nn2OvDCEeGZAQTo =7Y9s -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: https://lists.debian.org/[email protected]
