Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
pt_chown in the glibc package before 2.19-18+deb8u4 on Debian jessie; the elibc package before 2.15-0ubuntu10.14 on Ubuntu 12.04 LTS and before 2.19-0ubuntu6.8 on Ubuntu 14.04 LTS; and the glibc package before 2.21-0ubuntu4.2 on Ubuntu 15.10 and before 2.23-0ubuntu1 on Ubuntu 16.04 LTS and 16.10 lacks a namespace check associated with file-descriptor passing, which allows local users to capture keystrokes and spoof data, and possibly gain privileges, via pts read and write operations, related to debian/sysdeps/linux.mk. NOTE: this is not considered a vulnerability in the upstream GNU C Library because the upstream documentation has a clear security recommendation against the --enable-pt_chown option.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Debian jessie glibc 安全漏洞
Vulnerability Description
Debian是Debian Project合作组织创建的以Linux或FreeBSD为内核的自由操作系统。该操作系统所使用的基础工具大部分来源于GNU。jessie是Debian其中的一个分支版本。glibc(又名GNU C Library,libc6)package是其中的一个按照LGPL许可协议发布的开源免费的C语言编译程序包。 Debian jessie上的glibc 2.19-18+deb8u4之前版本中的pt_chown中存在安全漏洞,该漏洞源于程序没有执行与文件描述符传递相关的命名空间检查。本
CVSS Information
N/A
Vulnerability Type
N/A