CVE-2016-2781
CVE-2016-2781
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 4.6EPSS 0.4%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
07 Feb 2017Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Affected products
n/a · n/a