Description
GNU locate in findutils 4.1 on Slackware 7.1 and 8.0 allows local users to gain privileges via an old formatted filename database (locatedb) that contains an entry with an out-of-range offset, which causes locate to write to arbitrary process memory.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Josh Smith · clocallinux
https://www.exploit-db.com/exploits/21043
References (4)
Scores
EPSS
0.0040
EPSS Percentile
60.6%
Details
Status
published
Products (4)
gnu/findutils
4.0
gnu/findutils
4.1
slackware/slackware_linux
7.1
slackware/slackware_linux
8.0
Published
Aug 31, 2001
Tracked Since
Feb 18, 2026