First published: Tue Jul 07 2009(Updated: )
Race condition in PulseAudio 0.9.9, 0.9.10, and 0.9.14 allows local users to gain privileges via vectors involving creation of a hard link, related to the application setting LD_BIND_NOW to 1, and then calling execv on the target of the /proc/self/exe symlink.
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Pulseaudio Pulseaudio | =0.9.10 | |
Pulseaudio Pulseaudio | =0.9.9 | |
Pulseaudio Pulseaudio | =0.9.14 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.