CVE-2022-24949

HIGH

Eternal Terminal < 6.2.0 - Race Condition

Title source: rule

Description

A privilege escalation to root exists in Eternal Terminal prior to version 6.2.0. This is due to the combination of a race condition, buffer overflow, and logic bug all in PipeSocketHandler::listen().

References (2)

Core 2

Core References

Patch, Third Party Advisory x_refsource_confirm

https://github.com/MisterTea/EternalTerminal/commit/900348bb8bc96e1c7ba4888ac8480f643c43d3c3

View Patch ZIP pw:eip

Exploit, Third Party Advisory x_refsource_misc

https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-hxg8-4r3q-p9rv

Scores

CVSS v3 7.5

EPSS 0.0040

EPSS Percentile 60.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-362 CWE-120

Status published

Products (1)

eternal_terminal_project/eternal_terminal < 6.2.0

Published Aug 16, 2022

Tracked Since Feb 18, 2026