Your submission was sent successfully! Close

CVE-2021-45417

Published: 20 January 2022

AIDE before 0.17.4 allows local users to obtain root privileges via crafted file metadata (such as XFS extended attributes or tmpfs ACLs), because of a heap-based buffer overflow.

Priority

Medium

CVSS 3 base score: 7.8

Status

Package Release Status
aide
Launchpad, Ubuntu, Debian
bionic
Released (0.16-3ubuntu0.1)
focal
Released (0.16.1-1ubuntu0.1)
hirsute
Released (0.17.3-1ubuntu0.1)
impish
Released (0.17.3-4ubuntu0.1)
jammy Not vulnerable
(0.17.4-1)
trusty
Released (0.16~a2.git20130520-2ubuntu0.1+esm1)
upstream
Released (0.17.4)
xenial
Released (0.16~a2.git20130520-3ubuntu0.1~esm1)