CVE-2017-1000455
Description
GuixSD prior to Git commit 5e66574a128937e7f2fcf146d146225703ccfd5d used POSIX hard links incorrectly, leading the creation of setuid executables in "the store", violating a fundamental security assumption of GNU Guix.
- CVSS Version 3.0
- CVSS Version 2.0
nvd
CVE ID: CVE-2017-1000455
Base Score: 5.5
Base Severity: MEDIUM
Vector String:CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
nvd
CVE ID: CVE-2017-1000455
Base Score: 2.1
Base Severity: LOW
Vector String:AV:L/AC:L/Au:N/C:N/I:P/A:N
Refrence: NVD