CVE-2020-36657 Information

Description

uptimed before 0.4.6-r1 on Gentoo allows local users (with access to the uptimed user account) to gain root privileges by creating a hard link within the /var/spool/uptimed directory because there is an unsafe chown -R call.

Reference

https://bugs.gentoo.org/630810