N/A

A time-of-check-time-of-use (TOCTOU) race condition vulnerability was found in networkd-dispatcher. This flaw exists because there is a certain time between the scripts being discovered and them being run. An attacker can abuse this vulnerability to replace scripts that networkd-dispatcher believes to be owned by root with ones that are not.

N/A

检查时间与使用时间(TOCTOU)的竞争条件

networkd-dispatcher 安全漏洞

networkd-dispatcher是美国clayton craft个人开发者的一个用于 systemd-networkd 连接状态更改的调度程序守护进程。 networkd-dispatcher 1.0 - 2.1 版本存在安全漏洞，该漏洞源于发现的脚本和正在运行的脚本之间存在竞争条件。攻击者利用此漏洞可提升系统权限。

N/A

N/A