CVE-2014-3980 Information

Feb 14, 2021 cve

Description

libfep 0.0.5 before 0.1.0 does not properly use UNIX domain sockets in the abstract namespace which allows local users to gain privileges via unspecified vectors.

Reference

http://www.openwall.com/lists/oss-security/2014/06/05/16 http://www.openwall.com/lists/oss-security/2014/06/06/11 http://www.securityfocus.com/bid/67903 https://github.com/ueno/libfep/commit/293d9d3f

Share on: