← back
CVE-2017-18188

CVE-2017-18188

EPSS 0.4%
OpenRC opentmpfiles through 0.1.3, when the fs.protected_hardlinks sysctl is turned off, allows local users to obtain ownership of arbitrary files by creating a hard link inside a directory on which "chown -R" will be run.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/OpenRC/opentmpfiles/issues/3