Advisories for Golang/Github.com/Google/Fscrypt/Pam package

2021

Privilege Escalation in fscrypt

The pam_fscrypt module in fscrypt before 0.2.4 may incorrectly restore primary and supplementary group IDs to the values associated with the root user, which allows attackers to gain privileges via a successful login through certain applications that use Linux-PAM (aka pam).