Security
Security
A vulnerability has been found in AIDE which can lead to root privilege escalation.
| Package | app-forensics/aide on all architectures |
|---|---|
| Affected versions | < 0.17.4 |
| Unaffected versions | >= 0.17.4 |
AIDE (Advanced Intrusion Detection Environment) is a file and directory integrity checker. It creates a database from the regular expression rules that it finds from the config file(s). Once this database is initialized it can be used to verify the integrity of the files. It has several message digest algorithms (see below) that are used to check the integrity of the file. All of the usual file attributes can also be checked for inconsistencies.
A vulnerability has been discovered in AIDE. Please review the CVE identifier referenced below for details.
AIDE before 0.17.4 allows local users to obtain root privileges via crafted file metadata (such as XFS extended attributes or tmpfs ACLs), because of a heap-based buffer overflow.
There is no known workaround at this time.
All AIDE users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-forensics/aide-0.17.4"
Release date
November 25, 2023
Latest revision
November 25, 2023: 1
Severity
high
Exploitable
remote
Bugzilla entries