Unrated severityNVD Advisory· Published Mar 18, 2015· Updated Jun 17, 2026
CVE-2014-8169
CVE-2014-8169
Description
automount 5.0.8, when a program map uses certain interpreted languages, uses the calling user's USER and HOME environment variable values instead of the values for the user used to run the mapped program, which allows local users to gain privileges via a Trojan horse program in the user home directory.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
11- cpe:2.3:a:automount_project:automount:5.0.8:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
- osv-coords4 versionspkg:rpm/opensuse/autofs&distro=openSUSE%20Tumbleweedpkg:rpm/suse/autofs&distro=SUSE%20Linux%20Enterprise%20Desktop%2012pkg:rpm/suse/autofs&distro=SUSE%20Linux%20Enterprise%20Server%2012pkg:rpm/suse/autofs&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012
< 5.1.1-3.5+ 3 more
- (no CPE)range: < 5.1.1-3.5
- (no CPE)range: < 5.0.9-8.1
- (no CPE)range: < 5.0.9-8.1
- (no CPE)range: < 5.0.9-8.1
Patches
Vulnerability mechanics
References
7- lists.opensuse.org/opensuse-updates/2015-03/msg00033.htmlnvdVendor Advisory
- rhn.redhat.com/errata/RHSA-2015-1344.htmlnvdThird Party Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue Tracking
- bugzilla.suse.com/show_bug.cginvdIssue Tracking
- www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.htmlnvd
- www.securityfocus.com/bid/73211nvd
- www.ubuntu.com/usn/USN-2579-1nvd
News mentions
0No linked articles in our index yet.