Debian Security Advisory 3221-1

Debian Security Advisory 3221-1: Posted Apr 13, 2015; Authored by Debian | Site debian.org; Debian Linux Security Advisory 3221-1 - Adam Sampson discovered a buffer overflow in the handling of the XAUTHORITY environment variable in das-watchdog, a watchdog daemon to ensure a realtime process won't hang the machine. A local user can exploit this flaw to escalate his privileges and execute arbitrary code as root.; tags | advisory, overflow, arbitrary, local, root; systems | linux, debian; advisories | CVE-2015-2831; SHA-256 | 97437faf0c85ea7147b497e0af76a2ede6e124558f969648c04e31c63dce6b66; Download | Favorite | View

Debian Security Advisory 3221-1

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3221-1                   security@debian.org
http://www.debian.org/security/                      Salvatore Bonaccorso
April 12, 2015                         http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : das-watchdog
CVE ID         : CVE-2015-2831
Debian Bug     : 781806

Adam Sampson discovered a buffer overflow in the handling of the
XAUTHORITY environment variable in das-watchdog, a watchdog daemon to
ensure a realtime process won't hang the machine. A local user can
exploit this flaw to escalate his privileges and execute arbitrary
code as root.

For the stable distribution (wheezy), this problem has been fixed in
version 0.9.0-2+deb7u1.

For the unstable distribution (sid), this problem has been fixed in
version 0.9.0-3.1.

We recommend that you upgrade your das-watchdog packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJVKowJAAoJEAVMuPMTQ89EQd8QAIwQWC2VVY3qydwraJSrKCPv
cRTq7TTlfni3AVgPJWfc1XKniTh5J4UZILWB+uJ72OxljMXPCwr9F4z0x4G2CG6i
L/YhIoV8bA08bHbV66mp4rtYlsfd49U0Tdtcv+tYy7Lm+GcctGzP2KOmdpE4DFQo
vVAfbp9ujCLMUE9815Bh6vvlxPnZSDWsI8l0bveb05OQXJ3itP1wWY2AIoaTa2jR
DzdptyrMX/41GIrB5OcJK/LaxzBNScMcsl9m8U6j4nfDzssS+9EVmIKa523ESwvT
htkL3I5shSRfGcI0HSUeT1cgnAtophiht73ohkN/pYwvj0/IUNy0jWJ9nqommFw9
kqkTioCcDaGYMGV5Ka5vtjq09CpVuNRiskx+JPL+0BJIQxDfwq8NlUUEqAXFsKcg
Cob1VG6Is4ugKtoX51ThuGeBip+JNxdihfHnGLI3acIQfgqvKCZSeHZ/+T2JnH31
OXBnSPIdHez1zn/pUePNYzWh6ujgWf4SVuDp9vaIvfEgsrgzSTJmVyt3ojSS7kUv
+WlZyQe/M/R91OrpuDjIgcqpd/11Qd/5KzqWtcpTvRQ0zatVxmO+RiMf4P0YU+AA
O1plqey4NZpdzU3wFC9ZuJVPtU91k67W15xW2Z6lOp2ixT6Sysyl2is/j85ck7o5
ETx3fOujyBSSKHAKfCYh
=MMJ0
-----END PGP SIGNATURE-----

Top Authors In Last 30 Days

Red Hat 272 files
Ubuntu 60 files
Debian 19 files
Gentoo 8 files
Apple 5 files
Google Security Research 4 files
Jann Horn 3 files
Spencer McIntyre 3 files
LiquidWorm 3 files
Pierre Kim 2 files

File Archives

Systems

AIX (430)
Apple (2,132)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,172)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,607)
HPUX (881)
iOS (395)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (52,112)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,459)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (10,018)
UNIX (9,482)
UnixWare (188)
Windows (6,785)
Other

Debian Security Advisory 3221-1

Debian Security Advisory 3221-1

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Debian Security Advisory 3221-1

Share This

Debian Security Advisory 3221-1

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems