Race Condition in su Allows Killing Processes with Root Privileges

Race Condition in su Allows Killing Processes with Root Privileges

CVE-2017-2616 · MEDIUM Severity

AV:L/AC:M/AU:N/C:N/I:N/A:C

A race condition was found in util-linux before 2.32.1 in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.