CVE-2014-0470

EPSS 0.04%

super - security update

Published: 4/30/2014Modified: 4/28/2026

Description

super.c in Super 3.30.0 does not check the return value of the setuid function when the -F flag is set, which allows local users to gain privileges via unspecified vectors, aka an RLIMIT_NPROC attack.

Affected packages (2)

Debian/superfrom 0, < 3.30.0-7
Debian/superfrom 0, < 3.30.0-3+squeeze2

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2014-0470