Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in GNU Hurd before 0.9 20210404-9. When trying to exec a setuid executable, there's a window of time when the process already has the new privileges, but still refers to the old task and is accessible through the old process port. This can be exploited to get full root access.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
GNU Hurd 竞争条件问题漏洞
Vulnerability Description
GNU Hurd是GNU基金会的一个 Gnu 项目对 Unix 内核的替代品。用于实现文件系统、网络协议、文件访问控制以及其他由 Unix 内核或类似内核(如 Linux)实现的功能。 GNU Hurd 存在安全漏洞,该漏洞源于在0.9 20210404-9之前在GNU Hurd中当尝试执行setuid可执行文件时,在一段时间内进程已经拥有了新特权,但仍然引用旧任务,并且可以通过旧进程端口访问。攻击者可利用该漏洞来获得完全的根访问权限。
CVSS Information
N/A
Vulnerability Type
N/A