CVE-2016-2779

CVE-2016-2779

EPSS 0.4%

runuser in util-linux allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=815922 http://www.openwall.com/lists/oss-security/2016/02/27/1 http://www.openwall.com/lists/oss-security/2016/02/27/2