A vulnerability has been discovered in Logcheck's ebuilds which could allow for root privilege escalation.
Package | app-admin/logcheck on all architectures |
---|---|
Affected versions | <= 1.3.23 |
Unaffected versions |
Logcheck mails anomalies in the system logfiles to the administrator.
The pkg_postinst phase of the Logcheck ebuilds recursively chown the /etc/logcheck and /var/lib/logcheck directories. If the logcheck adds hardlinks to other files in these directories, the chown call will follow the link and transfer ownership of any file to the logcheck user.
A local attacker with access to the logcheck user could escalate to root privileges.
There is no known workaround at this time.
Gentoo has discontinued support for Logcheck. We recommend that users remove it:
# emerge --ask --depclean "app-admin/logcheck"
Release date
September 25, 2022
Latest revision
September 25, 2022: 1
Severity
normal
Exploitable
remote
Bugzilla entries