CVE-2018-12615

CVE-2018-12615

An issue was discovered in switchGroup() in agent/ExecHelper/ExecHelperMain.cpp in Phusion Passenger before 5.3.2. The set of groups (gidset) is not set correctly, leaving it up to randomness (i.e., uninitialized memory) which supplementary groups are actually being set while lowering privileges.

Source: CVE-2018-12615

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다