{"id":"USN-7059-2","summary":"oath-toolkit vulnerability","details":"USN-7059-1 fixed a vulnerability in OATH Toolkit library. This\nupdate provides the corresponding update for Ubuntu 24.10.\n\nOriginal advisory details:\n\n Fabian Vogt discovered that OATH Toolkit incorrectly handled file\n permissions. A remote attacker could possibly use this issue to\n overwrite root owned files, leading to a privilege escalation attack.\n (CVE-2024-47191)\n","modified":"2026-01-30T01:33:22.852016Z","published":"2024-10-17T16:10:37.537267Z","related":["CVE-2024-47191","UBUNTU-CVE-2024-47191"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-7059-2"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-47191"}],"affected":[{"package":{"name":"oath-toolkit","ecosystem":"Ubuntu:24.10","purl":"pkg:deb/ubuntu/oath-toolkit@2.6.11-3ubuntu1?arch=source&distro=oracular"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.6.11-3ubuntu1"}]}],"versions":["2.6.11-2.1build3","2.6.11-3"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_version":"2.6.11-3ubuntu1","binary_name":"liboath-dev"},{"binary_version":"2.6.11-3ubuntu1","binary_name":"liboath0t64"},{"binary_version":"2.6.11-3ubuntu1","binary_name":"liboath0t64-dbgsym"},{"binary_version":"2.6.11-3ubuntu1","binary_name":"libpam-oath"},{"binary_version":"2.6.11-3ubuntu1","binary_name":"libpam-oath-dbgsym"},{"binary_version":"2.6.11-3ubuntu1","binary_name":"libpskc-dev"},{"binary_version":"2.6.11-3ubuntu1","binary_name":"libpskc0t64"},{"binary_version":"2.6.11-3ubuntu1","binary_name":"libpskc0t64-dbgsym"},{"binary_version":"2.6.11-3ubuntu1","binary_name":"oathtool"},{"binary_version":"2.6.11-3ubuntu1","binary_name":"oathtool-dbgsym"},{"binary_version":"2.6.11-3ubuntu1","binary_name":"pskctool"},{"binary_version":"2.6.11-3ubuntu1","binary_name":"pskctool-dbgsym"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7059-2.json"}}],"schema_version":"1.7.3"}