Unrated severityNVD Advisory· Published Nov 19, 2019· Updated Aug 6, 2024

CVE-2011-2922

Description

ktsuss versions 1.4 and prior spawns the GTK interface to run as root. This can allow a local attacker to escalate privileges to root and use the "GTK_MODULES" environment variable to possibly execute arbitrary code.

Affected products

Kth/Ktsussv5
Range: 1.4 and prior

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

access.redhat.com/security/cve/cve-2011-2922mitrex_refsource_MISC
lwn.net/Articles/477678/mitrex_refsource_MISC
packetstormsecurity.com/files/109154/Gentoo-Linux-Security-Advisory-201201-15.htmlmitrex_refsource_MISC
packetstormsecurity.com/files/cve/CVE-2011-2922mitrex_refsource_MISC
security-tracker.debian.org/tracker/CVE-2011-2922mitrex_refsource_MISC
snyk.io/vuln/SNYK-LINUX-KTSUSS-174466mitrex_refsource_MISC
www.securityfocus.com/bid/49151mitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000