VULHUB ™

Qualcomm Qpopper Poppassd has been reported prone to a local arbitrary command execution vulnerability. poppassd is installed with setUID root permissions set by default and is executable by all local system users. There has been an issue reported in poppassd that may allow a local user to execute arbitrary commands in the context of the root user. An attacker may supply a path to a malicious executable and the executable will be called as poppassd is run. An attacker may exploit this condition to elevate privileges on the local system. Because poppassd is by default setUID root, privileges attained may be root.

Qualcomm Qpopper Poppassd has been reported prone to a local arbitrary command execution vulnerability. poppassd is installed with setUID root permissions set by default and is executable by all local system users. There has been an issue reported in poppassd that may allow a local user to execute arbitrary commands in the context of the root user. An attacker may supply a path to a malicious executable and the executable will be called as poppassd is run. An attacker may exploit this condition to elevate privileges on the local system. Because poppassd is by default setUID root, privileges attained may be root.