RSS   Vulnerabilities for 'Check smart'   RSS

2021-10-11
 
CVE-2021-42257

CWE-20
 

 
check_smart before 6.9.1 allows unintended drive access by an unprivileged user because it only checks for a substring match of a device path (the /dev/bus substring and a number), aka an unanchored regular expression.

 


Copyright 2024, cxsecurity.com

 

Back to Top