CVE-2014-2905
Publication date 2 May 2014
Last updated 24 July 2024
Ubuntu priority
fish (aka fish-shell) 1.16.0 before 2.1.1 does not properly check the credentials, which allows local users to gain privileges via the universal variable socket, related to /tmp/fishd.socket.user permissions.
Status
Package | Ubuntu Release | Status |
---|---|---|
fish | ||
18.04 LTS bionic |
Not affected
|
|
16.04 LTS xenial |
Not affected
|
|
14.04 LTS trusty | Not in release | |