VDB

GCVE-110-MAGEIA-2017-165

GCVE-110-MAGEIA-2017-165
Advisory Published
Vulnetix · Advisory published June 10, 2017
A double-free in the server could be triggered by an authenticated user if dropbear is running with -a (CVE-2017-9078). The default Mageia configuration does not set -a, so is not vulnerable Dropbear parsed authorized_keys as root, even if it were a symlink. The fix is to switch to user permissions when opening authorized_keys (CVE-2017-9079)

Affected Products

VendorProductVersionsPlatforms
Mageiadropbear2014.66-1.3.mga5 (unaffected), 0 (affected)

Browse GCVE Records

73,443 records in the GCVE database · Updated July 18, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›