CVE-2017-18240
MEDIUMcollectd < 5.7.2 - Unauthenticated Arbitrary Process Termination via PID File Manipulation
Title source: llmDescription
The Gentoo app-admin/collectd package before 5.7.2-r1 sets the ownership of PID file directory to the collectd account, which might allow local users to kill arbitrary processes by leveraging access to this account for PID file modification before a root script sends a SIGKILL (when the service is stopped).
References (3)
Core 3
Core References
Vendor Advisory vendor-advisory
x_refsource_gentoo
https://security.gentoo.org/glsa/201803-10
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/103469
Issue Tracking, Vendor Advisory x_refsource_confirm
https://bugs.gentoo.org/628540
Scores
CVSS v3
5.5
EPSS
0.0037
EPSS Percentile
29.4%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-20
Status
published
Products (2)
collectd/collectd
5.7.2 r1
collectd/collectd
< 5.7.2
Published
Mar 19, 2018
Tracked Since
Feb 18, 2026