CVE-2018-18629
N/A
N/A
Summary
An issue was discovered in the Keybase command-line client before 2.8.0-20181023124437 for Linux. An untrusted search path vulnerability in the keybase-redirector application allows a local, unprivileged user on Linux to gain root privileges via a Trojan horse binary.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://keybase.io/docs/secadv/kb002
- https://blog.mirch.io/2018/12/21/cve-2018-18629-keybase-linux-privilege-escalation/
- https://hackerone.com/reports/426944
References
- https://keybase.io/docs/secadv/kb002
- https://blog.mirch.io/2018/12/21/cve-2018-18629-keybase-linux-privilege-escalation/
- https://hackerone.com/reports/426944
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.