FEDORA-EPEL-2025-ae12e02519

Packages in this update:

rust-below-0.9.0-1.el8

Update description:

A privilege escalation vulnerability existed in the Below service prior to v0.9.0 due to the creation of a world-writable directory at /var/log/below. This could have allowed local unprivileged users to escalate to root privileges through symlink attacks that manipulate files such as /etc/shadow.

https://www.cve.org/CVERecord?id=CVE-2025-27591
https://github.com/facebookincubator/below/security/advisories/GHSA-9mc5-7qhg-fp3w

Read More