chkrootkit: Local privilege escalation — GLSA 201709-05

A vulnerability in chkrootkit may allow local users to gain root privileges.

Affected Packages

app-forensics/chkrootkit on all architectures
Affected versions < 0.50
Unaffected versions >= 0.50

Background

chkrootkit is a tool to locally check for signs of a rootkit.

Description

When /tmp is mounted without the noexec option chkrootkit will execute files in /tmp with root privileges.

Impact

A local attacker could possibly execute arbitrary code with root privileges.

Workaround

Users should mount /tmp with noexec option.

Resolution

All chkrootkit users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=app-forensics/chkrootkit-0.50"
 

References

Release Date
September 17, 2017

Latest Revision
September 17, 2017: 1

Severity
high

Exploitable
local

Bugzilla entries