Privilege Escalation Vulnerability in Gentoo GIMPS Package

Privilege Escalation Vulnerability in Gentoo GIMPS Package

CVE-2017-14484 · MEDIUM Severity

AV:L/AC:M/AU:N/C:C/I:C/A:C

The Gentoo sci-mathematics/gimps package before 28.10-r1 for Great Internet Mersenne Prime Search (GIMPS) allows local users to gain privileges by creating a hard link under /var/lib/gimps, because an unsafe "chown -R" command is executed.

Learn more about our Cis Benchmark Audit For Debian Family Linux.