CVE-2018-0493
N/A
N/A
Summary
remctld in remctl before 3.14, when an attacker is authorized to execute a command that uses the sudo option, has a use-after-free that leads to a daemon crash, memory corruption, or arbitrary command execution.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | remctl | remctl | affected |
Weaknesses
- Use after free, double free
ADP Enrichment
CVE Program Container
Additional References
- https://git.eyrie.org/?p=kerberos/remctl.git%3Ba=commit%3Bh=86c7e44090c988112a37589d2c7a94029eb5e641
- https://www.debian.org/security/2018/dsa-4159
- https://www.eyrie.org/~eagle/software/remctl/security/2018-04-01.html
References
- https://git.eyrie.org/?p=kerberos/remctl.git%3Ba=commit%3Bh=86c7e44090c988112a37589d2c7a94029eb5e641
- https://www.debian.org/security/2018/dsa-4159
- https://www.eyrie.org/~eagle/software/remctl/security/2018-04-01.html
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.