CVE-2011-2910

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2011-2910

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2011-2910.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2011-2910

Downstream

DEBIAN-CVE-2011-2910

Published

2019-11-15T17:15:12Z

Modified

2026-04-10T03:41:55.247040Z

Severity

6.7 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

The AX.25 daemon (ax25d) in ax25-tools before 0.0.8-13 does not check the return value of a setuid call. The setuid call is responsible for dropping privileges but if the call fails the daemon would continue to run with root privileges which can allow possible privilege escalation.

References

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2910
https://security-tracker.debian.org/tracker/CVE-2011-2910
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2910
https://access.redhat.com/security/cve/cve-2011-2910

CVE-2011-2910

Affected packages