Untrusted Search Path Vulnerability in Keybase Command-Line Client

Untrusted Search Path Vulnerability in Keybase Command-Line Client

CVE-2018-18629 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

An issue was discovered in the Keybase command-line client before 2.8.0-20181023124437 for Linux. An untrusted search path vulnerability in the keybase-redirector application allows a local, unprivileged user on Linux to gain root privileges via a Trojan horse binary.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.