Unchecked Return Value
CVE-2007-5191
Summary
mount and umount in util-linux and loop-aes-utils call the setuid and setgid functions in the wrong order and do not check the return values, which might allow attackers to gain privileges via helpers such as mount.nfs.
- LOW
- LOCAL
- NONE
- COMPLETE
- COMPLETE
- COMPLETE
CWE-252 - Unchecked Return Value
The software does not check the return value from a method or function, which can prevent it from detecting unexpected states and conditions.
References
Advisory Timeline
- Published