VYPR
High severity7.8NVD Advisory· Published May 1, 2016· Updated Jun 17, 2026

CVE-2015-8325

CVE-2015-8325

Description

The do_setup_env function in session.c in sshd in OpenSSH through 7.2p2, when the UseLogin feature is enabled and PAM is configured to read .pam_environment files in user home directories, allows local users to gain privileges by triggering a crafted environment for the /bin/login program, as demonstrated by an LD_PRELOAD environment variable.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

39

Patches

Vulnerability mechanics

References

12

News mentions

0

No linked articles in our index yet.