1 results (0.005 seconds)
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2022-23220 – Gentoo Linux Security Advisory 202310-15
https://notcve.org/view.php?id=CVE-2022-23220
21 Jan 2022 — USBView 2.1 before 2.2 allows some local users (e.g., ones logged in via SSH) to execute arbitrary code as root because certain Polkit settings (e.g., allow_any=yes) for pkexec disable the authentication requirement. Code execution can, for example, use the --gtk-module option. This affects Ubuntu, Debian, and Gentoo. USBView versiones 2.1 anteriores a 2.2, permite a algunos usuarios locales (por ejemplo, los que son conectados por SSH) ejecutar código arbitrario como root porque determinadas configuracione... • http://www.openwall.com/lists/oss-security/2022/01/22/1 • CWE-306: Missing Authentication for Critical Function •