High severity7.8NVD Advisory· Published Feb 23, 2021· Updated Jun 17, 2026
CVE-2021-25630
CVE-2021-25630
Description
"loolforkit" is a privileged program that is supposed to be run by a special, non-privileged "lool" user. Before doing anything else "loolforkit" checks, if it was invoked by the "lool" user, and refuses to run with privileges, if it's not the case. In the vulnerable version of "loolforkit" this check was wrong, so a normal user could start "loolforkit" and eventually get local root privileges.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: unspecified
Patches
Vulnerability mechanics
References
2- github.com/CollaboraOnline/online/security/advisories/GHSA-49w3-gr3w-m68vnvdThird Party Advisory
- www.openwall.com/lists/oss-security/2021/01/18/3nvdMailing ListThird Party Advisory
News mentions
0No linked articles in our index yet.