Packages
Get Gentoo!
gentoo.org sites
gentoo.org
Wiki
Bugs
Forums
Packages
Planet
Archives
Sources
Infra Status
Home
Packages
Maintainers
USE flags
Architectures
About
sys-apps
The sys-apps category contains various core system applications, and some non-core system applications which have not yet been moved out into other sys- categories.
Packages
Stabilization
22
Outdated
45
Pull requests
26
Bugs
720
Security
24
Security Bug Reports
sys-apps/systemd: TOCTOU race condition when updating file permissions and SELinux security contexts
600624 - Assigned to Gentoo Security
<sys-apps/openrc-0.43: checkpath root privilege escalation following non-terminal symlinks (CVE-2018-21269)
751424 - Assigned to Gentoo Security
<sys-apps/openrc-{0.43.5-r1,0.44.6-r1}: Buffer overflow in checkpath (CVE-2021-42341)
818085 - Assigned to Gentoo Security
<sys-apps/busybox-1.34.0: multiple vulnerabilities (CVE-2021-{42373,42374,42375,42376,42377,42378,42379,42380,42381,42382,42383,42384,42385,42386})
824222 - Assigned to Gentoo Security
<sys-apps/usbredir-0.12.0: use-after-free
834010 - Assigned to Gentoo Security
sys-apps/busybox: multiple vulnerabilities
836920 - Assigned to Gentoo Security
sys-apps/portage uses /var/tmp insecurely
853283 - Assigned to Gentoo Security
sys-apps/man2html: multiple vulnerabilities
869413 - Assigned to Gentoo Security
<sys-apps/systemd-252.0: deadlock in systemd-coredump
882769 - Assigned to Gentoo Security
<sys-apps/systemd-{251.10,252.4}: local information leak
887581 - Assigned to Gentoo Security
<sys-apps/shadow-4.13-r3: passwd file manipulation via chfn
904518 - Assigned to Gentoo Security
<sys-apps/portage-3.0.47: dispatch-conf race condition with chmod on log file access
904895 - Assigned to Gentoo Security
<sys-apps/dmidecode-3.5: root privilege escalation via file overwrite
905093 - Assigned to Gentoo Security
<sys-apps/portage-3.0.47: emerge-webrsync does not verify PGP signatures
905356 - Assigned to Gentoo Security
<sys-apps/shadow-4.13-r4: possible password leak during passwd(1) change
908613 - Assigned to Gentoo Security
<sys-apps/hwloc-2.9.3: Denial of service
914155 - Assigned to Gentoo Security
<sys-apps/file-5.42: stack buffer overread
918554 - Assigned to Gentoo Security
sys-apps/busybox: multiple vulnerabilities
918699 - Assigned to Gentoo Security
<sys-apps/coreutils-9.4-r1: split heap buffer overflow vulnerability
922474 - Assigned to Gentoo Security
<sys-apps/eza-0.18.6: local arbitrary code execution via .git/HEAD and .git/objects components
926532 - Assigned to Gentoo Security
<sys-apps/util-linux-2.39.3-r6[tty-helpers]: wall escape sequence issues
927980 - Assigned to Gentoo Security
<sys-apps/coreutils-9.5: chmod -R TOCTOU vulnerability
928062 - Assigned to Gentoo Security
<sys-apps/less-643-r2: LESSOPEN handling is unsafe on untrusted names, arbitrary code execution
929210 - Assigned to Gentoo Security
<sys-apps/flatpak-{1.14.6,1.12.9}: Sandbox escape via RequestBackground portal
930202 - Assigned to Gentoo Security
Contact Information
Please file new vulnerability reports on
Gentoo Bugzilla
and assign them to the Gentoo Security product and Vulnerabilities component.