Alerts This Week
Warning Icon 1 1,109
Alerts This Week
Warning Icon 1 1,109

Debian 11: DLA-4034-1 critical: simgear file write bypass

debian lts
Calendar Grey January 29, 2025
Dist Debian Esm H88
An important patch for simgear has been released to fix a security flaw that permits unauthorized file modifications on Debian LTS platforms. Users are urged to upgrade promptly.
A security vulnerability has been discovered in simgear, a collection of libraries for constructing simulation and visualization applications such as FlightGear

Summary

An attacker can bypass the sandboxing of Nasal scripts and arbitrarily
write to any file path that the user has permission to modify at the
operating-system level.

For Debian 11 bullseye, this problem has been fixed in version
1:2020.3.6+dfsg-1+deb11u1.

We recommend that you upgrade your simgear packages.

For the detailed security status of simgear please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/simgear

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS



Severity
critical
Lowest
Low
Medium
High
Critical

Package: simgear
Version: 1:2020.3.6+dfsg-1+deb11u1
CVE ID: CVE-2025-0781

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here