CVE-2009-1894

EPSS 0.10%

pulseaudio - privilege escalation

發布日:2009/7/17修改日:2026/4/28

描述

Race condition in PulseAudio 0.9.9, 0.9.10, and 0.9.14 allows local users to gain privileges via vectors involving creation of a hard link, related to the application setting LD_BIND_NOW to 1, and then calling execv on the target of the /proc/self/exe symlink.

受影響套件(2)

Debian/pulseaudiofrom 0, < 0.9.15-4.1
Debian/pulseaudiofrom 0, < 0.9.10-3+lenny1

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2009-1894