The pam_fscrypt module in fscrypt prior to 0.2.4 may incorrectly restore primary and supplementary group IDs to the values associated with the root user, which allows malicious users to gain privileges via a successful login through certain applications that use Linux-PAM (aka pam).
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
google fscrypt |