Description
man-db before 2.8.5 on Gentoo allows local users (with access to the man user account) to gain root privileges because /usr/bin/mandb is executed by root but not owned by root. (Also, the owner can strip the setuid and setgid bits.)
References (2)
Core 2
Core References
Exploit, Vendor Advisory
https://bugs.gentoo.org/662438
Third Party Advisory vendor-advisory
https://security.gentoo.org/glsa/202310-08
Scores
CVSS v3
7.8
EPSS
0.0038
EPSS Percentile
29.9%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
total
Details
CWE
CWE-250
Status
published
Products (1)
man-db_project/man-db
< 2.8.5
Published
Jan 26, 2023
Tracked Since
Feb 18, 2026