VULHUB ™

A vulnerability has been discovered in Rogue which may allow a local attacker to obtain elevated privileges. Due to insufficient bounds checking of user-supplied input, it is possible to overflow a buffer used to save games. A malicious user may be able to exploit this issue to overwrite a return address in the target application. This would allow for the execution of arbitrary instructions supplied by the attacker. Successful exploitation would result in an attacker gaining privileges of group 'games' or equivalent access on systems where Rogue is installed setgid.

A vulnerability has been discovered in Rogue which may allow a local attacker to obtain elevated privileges. Due to insufficient bounds checking of user-supplied input, it is possible to overflow a buffer used to save games. A malicious user may be able to exploit this issue to overwrite a return address in the target application. This would allow for the execution of arbitrary instructions supplied by the attacker. Successful exploitation would result in an attacker gaining privileges of group 'games' or equivalent access on systems where Rogue is installed setgid.