GDAL before 1.3.0-r1 allows local users in the portage group to increase privileges via a shared object in the Portage temporary build directory, which is added to the search path allowing objects in it to be loaded at runtime.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| gdal | gdal | 1.3.0 |
| gdal | gdal | 1.2.6_r2 |
| gdal | gdal | 1.2.5 |
| gdal | gdal | 1.2.6_r1 |
| gdal | gdal | 1.2.6_r3 |
| gdal | gdal | 1.2.6_r4 |
| gdal | gdal | 1.2.5_r1 |