CVE-2007-1716Incorrect Ownership Assignment in Redhat Enterprise Linux

CWE-708Incorrect Ownership Assignment7 documents5 sources
Severity
3.4LOWNVD
EPSS
0.1%
top 77.52%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Redhat Enterprise Linux
Timeline
PublishedMar 27
Latest updateMay 3

Description

pam_console does not properly restore ownership for certain console devices when there are multiple users logged into the console and one user logs out, which might allow local users to gain privileges.

CVSS vector

AV:L/AC:H/C:P/I:P/A:PExploitability: 1.2 | Impact: 6.4

Affected Packages0 packages

Also affects: Enterprise Linux 4.4

🔴Vulnerability Details

1
GHSA
GHSA-98r5-6f9v-46jc: pam_console does not properly restore ownership for certain console devices when there are multiple users logged into the console and one user logs ou2022-05-03

📋Vendor Advisories

1
Red Hat
security flaw2007-03-03

📐Framework References

1
CWE
Incorrect Ownership Assignment

💬Community

3
Bugzilla
CVE-2007-1716 security flaw2018-08-16
Bugzilla
CVE-2007-1716 Ownership of devices not returned to root after logout from console2007-03-27
Bugzilla
CVE-2007-1716 Ownership of devices not returned to root after logout from console2007-03-23