Update: linuxconf

A vulnerability exists in linuxconf. If the LINUXCONF_LANG environment variable processes at least 964 bytes of data, a buffer overflow occurs, thereby allowing an attacker to modify the return address of the function and execute arbitrary code with root permissions.

This vulnerability affects any version of linuxconf that is installed setuid root.

For the update, click here.

Join the newsletter!

Error: Please check your email address.
Show Comments