chpst in runit 1.3.3-1 for Debian GNU/Linux, when compiled on little endian i386 machines against dietlibc, does not properly handle when multiple groups are specified in the -u option, which causes chpst to assign permissions for the root group due to inconsistent bit sizes for the gid_t type.
Max CVSS
6.2
EPSS Score
0.10%
Published
2006-03-20
Updated
2017-07-20
1 vulnerabilities found