VULHUB ™

A stack overflow vulnerability has been reported for the pr-edit utility. The vulnerability occurs when pr-edit locks a file for reading. Due to the improper use of fscanf(), there are no bounds checks performed on the length of the user that locked the file. An attacker can exploit this vulnerability by creating a lock file with a large amount of data. This will trigger the buffer overflow condition when pr-edit attempts to read the file. Successful exploitation may result in the execution of attacker-supplied code with potentially elevated privileges.

A stack overflow vulnerability has been reported for the pr-edit utility. The vulnerability occurs when pr-edit locks a file for reading. Due to the improper use of fscanf(), there are no bounds checks performed on the length of the user that locked the file. An attacker can exploit this vulnerability by creating a lock file with a large amount of data. This will trigger the buffer overflow condition when pr-edit attempts to read the file. Successful exploitation may result in the execution of attacker-supplied code with potentially elevated privileges.