Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2023-33865HistoryJun 07, 2023 - 8:15 p.m.
CVE-2023-33865
2023-06-0720:15:10
Debian Security Bug Tracker
security-tracker.debian.org
6
renderdoc
privilege escalation
symlink attack
/tmp/renderdoc
unix
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.0004 Low
EPSS
Percentile
9.8%
RenderDoc before 1.27 allows local privilege escalation via a symlink attack. It relies on the /tmp/RenderDoc directory regardless of ownership.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | renderdoc | <= 1.24+dfsg-1 | renderdoc_1.24+dfsg-1_all.deb |
| Debian | 11 | all | renderdoc | <= 1.11+dfsg-5 | renderdoc_1.11+dfsg-5_all.deb |
| Debian | 999 | all | renderdoc | <= 1.27+dfsg-1 | renderdoc_1.27+dfsg-1_all.deb |
Related
prion
prion
Design/Logic Flaw
2023-06-07 20:15:00
cve
cve
CVE-2023-33865
2023-06-07 20:15:10
ubuntucve
ubuntucve
CVE-2023-33865
2023-06-07 00:00:00
osv
osv
CVE-2023-33865
2023-06-07 20:15:10
renderdoc - security update
2023-07-25 00:00:00
nvd
nvd
CVE-2023-33865
2023-06-07 20:15:10
cvelist
cvelist
CVE-2023-33865
2023-06-07 00:00:00
qualysblog
qualysblog
Behind the Screen: Three Vulnerabilities in RenderDoc
2023-06-06 17:01:32
nessus
nessus
openSUSE 15 Security Update : renderdoc (openSUSE-SU-2023:0253-1)
2023-09-26 00:00:00
Debian DLA-3501-1 : renderdoc - LTS security update
2023-07-25 00:00:00
GLSA-202311-10 : RenderDoc: Multiple Vulnerabilities
2023-11-25 00:00:00
openvas
openvas
openSUSE: Security Advisory for renderdoc (openSUSE-SU-2023:0253-1)
2024-03-04 00:00:00
Debian: Security Advisory (DLA-3501-1)
2023-07-25 00:00:00
gentoo
gentoo
RenderDoc: Multiple Vulnerabilities
2023-11-25 00:00:00
debian
debian
[SECURITY] [DLA 3501-1] renderdoc security update
2023-07-25 04:55:40
zdt
zdt
packetstorm
packetstorm
RenderDoc 1.26 Local Privilege Escalation / Remote Code Execution
2023-06-08 00:00:00
thn
thn
Urgent Security Updates: Cisco and VMware Address Critical Vulnerabilities
2023-06-08 05:18:00
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.0004 Low
EPSS
Percentile
9.8%
Related for DEBIANCVE:CVE-2023-33865