ubuntu · CVE-2017-9232

Quick triage

Priority: high Published: 2017-05-26 00:00:00 UTC Updated: 2025-08-25 22:41:09 UTC

View at Official ubuntu advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2017-9232 high priority: Ubuntu including 2 source packages (juju-core, juju-core-1), 10 status rows across 5 suites (trusty, upstream, xenial, yakkety, zesty): released 8, DNE 2.

Description:

Juju before 1.25.12, 2.0.x before 2.0.4, and 2.1.x before 2.1.3 uses a UNIX domain socket without setting appropriate permissions, allowing privilege escalation by users on the system to root.

cvelogic Threat Intelligence