vulnerability
SUSE: CVE-2017-9772: SUSE Linux Security Advisory
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 10 | (AV:N/AC:L/Au:N/C:C/I:C/A:C) | Jun 23, 2017 | Feb 4, 2022 | Feb 4, 2022 |
Severity
10
CVSS
(AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published
Jun 23, 2017
Added
Feb 4, 2022
Modified
Feb 4, 2022
Description
Insufficient sanitisation in the OCaml compiler versions 4.04.0 and 4.04.1 allows external code to be executed with raised privilege in binaries marked as setuid, by setting the CAML_CPLUGINS, CAML_NATIVE_CPLUGINS, or CAML_BYTE_CPLUGINS environment variable.
Solutions
suse-upgrade-ocamlsuse-upgrade-ocaml-compiler-libssuse-upgrade-ocaml-compiler-libs-develsuse-upgrade-ocaml-ocamldocsuse-upgrade-ocaml-rpm-macrossuse-upgrade-ocaml-runtime
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.