Unrated severityNVD Advisory· Published Jan 25, 2023· Updated Apr 2, 2025
CVE-2018-25078
CVE-2018-25078
Description
man-db before 2.8.5 on Gentoo allows local users (with access to the man user account) to gain root privileges because /usr/bin/mandb is executed by root but not owned by root. (Also, the owner can strip the setuid and setgid bits.)
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- man-db/man-dbdescription
- Range: <2.8.5
Patches
Vulnerability mechanics
References
2- security.gentoo.org/glsa/202310-08mitrevendor-advisory
- bugs.gentoo.org/662438mitre
News mentions
0No linked articles in our index yet.