CVE-2022-2787

Summary

Schroot before 1.6.13 had too permissive rules on chroot or session names, allowing a denial of service on the schroot service for all users that may start a schroot session.

Affected Software

VendorProductVersion RangeStatus
Debianschrootunspecified < 1.6.13affected

Weaknesses

  • insufficient sanitiztion of chroot and session names

ADP Enrichment

CVE Program Container

Additional References

References