CVSS: 3.3EPSS: 0%CPEs: 5EXPL: 0CVE-2020-11931 – Ubuntu modifications to pulseaudio to provide snap security enforcement could be unloaded
https://notcve.org/view.php?id=CVE-2020-11931
12 May 2020 — An Ubuntu-specific modification to Pulseaudio to provide security mediation for Snap-packaged applications was found to have a bypass of intended access restriction for snaps which plugs any of pulseaudio, audio-playback or audio-record via unloading the pulseaudio snap policy module. This issue affects: pulseaudio 1:8.0 versions prior to 1:8.0-0ubuntu3.12; 1:11.1 versions prior to 1:11.1-1ubuntu7.7; 1:13.0 versions prior to 1:13.0-1ubuntu1.2; 1:13.99.1 versions prior to 1:13.99.1-1ubuntu3.2; Una modificaci... • https://forum.snapcraft.io/t/audio-switcher-pulseaudio-interface-auto-connect-request/16648/3 • CWE-284: Improper Access Control CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 6.9EPSS: 0%CPEs: 2EXPL: 0CVE-2009-1299 – Gentoo Linux Security Advisory 201402-10
https://notcve.org/view.php?id=CVE-2009-1299
18 Mar 2010 — The pa_make_secure_dir function in core-util.c in PulseAudio 0.9.10 and 0.9.19 allows local users to change the ownership and permissions of arbitrary files via a symlink attack on a /tmp/.esd-##### temporary file. La v0.9.10 y v0.9.19 permite a usuarios locales modificar el propietario y permisos de ficheros de su elección a través de ataque de enlaces simbólicos sobre un fichero temporal /tmp/.esd-#####. An insecure temporary file usage has been reported in PulseAudio, possibly allowing symlink attacks. V... • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=573615 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.2EPSS: 0%CPEs: 3EXPL: 4CVE-2009-1894 – PulseAudio setuid (Ubuntu 9.04 / Slackware 12.2.0) - Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2009-1894
17 Jul 2009 — Race condition in PulseAudio 0.9.9, 0.9.10, and 0.9.14 allows local users to gain privileges via vectors involving creation of a hard link, related to the application setting LD_BIND_NOW to 1, and then calling execv on the target of the /proc/self/exe symlink. Condición de carrera en PulseAudio v0.9.9, v0.9.10, y v0.9.14 permite a usuarios locales conseguir privilegios a través de vectores que implican la creación de "hard links", relativo a fijar la configuración de LD_BIND_NOW a 1, y entonces, llamar a ex... • https://www.exploit-db.com/exploits/9208 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •