Bug#924792: pidof: unsanitized user input makes pidof crash
Ian Campbell
ijc at debian.org
Mon Mar 18 08:28:59 GMT 2019
On Sun, 2019-03-17 at 19:06 +0100, Matteo Croce wrote:
> #571590 added the '-f' argument to pidof, which allows to specify an
> arbitrary format string for the PIDs.
> Unfortunately this is broken, because passing plain user input to
> printf() can easily exploited:
What's the attack vector here (making this an exploit rather than
"just" a bug)?
Wouldn't you need to have some process which was passing untrusted data
directly to the `-f` argument, is that likely in the real world?
Ian.
More information about the Debian-init-diversity
mailing list