Thomas Stangner discovered that chkrootkit incorrectly quoted certain values. A local attacker could use this issue to execute arbitrary code when chkrootkit is run and gain root privileges.
{ "availability": "No subscription required", "binaries": [ { "binary_version": "0.49-4.1ubuntu1.14.04.1", "binary_name": "chkrootkit" } ] }