CVE-2011-1784

EPSS 0.05%

Published: 5/20/2011Modified: 4/28/2026

Description

The pidfile_write function in core/pidfile.c in keepalived 1.2.2 and earlier uses 0666 permissions for the (1) keepalived.pid, (2) checkers.pid, and (3) vrrp.pid files in /var/run/, which allows local users to kill arbitrary processes by writing a PID to one of these files.

Affected packages (1)

Debian/keepalivedfrom 0, < 1:1.2.2-2

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2011-1784