VYPR
Unrated severityNVD Advisory· Published Jan 9, 2020· Updated Aug 6, 2024

CVE-2012-3490

CVE-2012-3490

Description

The (1) my_popenv_impl and (2) my_spawnv functions in src/condor_utils/my_popen.cpp and the (3) systemCommand function in condor_vm-gahp/vmgahp_common.cpp in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 does not properly check the return value of setuid calls, which might cause a subprocess to be created with root privileges and allow remote attackers to gain privileges via unspecified vectors.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Range: <=7.6.9, <=7.8.3
  • Condor/Condorv5
    Range: 7.6.x before 7.6.10 and 7.8.x before 7.8.4

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.