CVE-2021-45417

AIDE before 0.17.4 allows local users to obtain root privileges via crafted file metadata (such as XFS extended attributes or tmpfs ACLs), because of a heap-based buffer overflow.

References

Affected packages

Git / github.com/aide/aide

Affected ranges

Type: GIT
Repo: https://github.com/aide/aide
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

d4b80a9e5d48494e0003d22d9ce1a8133de0f15e

Affected versions

aide.*

aide.0.10.release

aide.0.11.rc1.release

aide.0.11.rc2.release

aide.0.11.rc3.release

aide.0.11.release

aide.0.11a.debian

aide.0.11b.nocurl

aide.0.12.rc1.release

aide.0.12.rc2.release

aide.0.12.release

aide.0.13.1.release

aide.0.13.rc1.release

aide.0.13.rc2.release

aide.0.13.release

aide.0.14.1.release

aide.0.14.2.release

aide.0.14.rc1.release

aide.0.14.rc2.release

aide.0.14.rc3.release

aide.0.14.release

aide.0.15.1.release

aide.0.15.rc1.release

aide.0.15.release

cs.*

cs.tut.fi.import

v0.*

v0.16

v0.16.1

v0.16.2

v0.16a1

v0.16a2

v0.16b1

v0.16rc1

v0.17

v0.17.1

v0.17.2

v0.17.3

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-45417.json"

Git / gitlab.freedesktop.org/xorg/xserver

Affected ranges

Type: GIT
Repo: https://gitlab.freedesktop.org/xorg/xserver
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

325fb002e8832a05361516bbaf19d1e8b67a3486

Affected versions

Other

xf-3_9_16Z

xf-3_9_16Za

xf-3_9_16d

xf-3_9_16e

xf-3_9_16f

xf-3_9_17

xf-3_9_17Z

xf-3_9_17a

xf-3_9_17b

xf-3_9_17c

xf-3_9_17d

xf-3_9_17e

xf-3_9_17f

xf-3_9_18

xf-3_9_18Z

xf-3_9_18Za

xf-3_9_18a

xf-3_9_18b

xf-4_0

xf-4_0-bindist

xf-4_0Z

xf-4_0_1

xf-4_0_1-bindist

xf-4_0_1a

xf-4_0a

xf-4_0b

xf-4_0c

xf-4_0d

xf-4_0e

xf-4_0f

xf-4_0g

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-45417.json"