Grsecurity: >> Grsecurity Kernel Patch >> 2.1.7 Security Vulnerabilities
Unspecified vulnerability in the expand_stack function in grsecurity PaX allows local users to gain privileges via unspecified vectors. NOTE: the grsecurity developer has disputed this issue, stating that "the function they claim the vulnerability to be in is a trivial function, which can, and has been, easily checked for any supposed vulnerabilities." The developer also cites a past disclosure that was not proven. As of 20070120, the original researcher has released demonstration code
CVSS Score
7.8
EPSS Score
0.001
Published
2007-01-16
The RBAC functionality in grsecurity before 2.1.8 does not properly handle when the admin role creates a service and then exits the shell without unauthenticating, which causes the service to be restarted with the admin role still active.
CVSS Score
7.2
EPSS Score
0.001
Published
2006-01-17