QwikSec

Security Database

CVE

CWE

Training

CVE-2018-18629

Published: Dec 20, 2018

Modified: Aug 5, 2024

PUBLISHED

Description

An issue was discovered in the Keybase command-line client before 2.8.0-20181023124437 for Linux. An untrusted search path vulnerability in the keybase-redirector application allows a local, unprivileged user on Linux to gain root privileges via a Trojan horse binary.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://keybase.io/docs/secadv/kb002

x_refsource_CONFIRM

https://blog.mirch.io/2018/12/21/cve-2018-18629-keybase-linux-privilege-escalation/

x_refsource_MISC

https://hackerone.com/reports/426944

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.