RunIt CHPST Privilege Escalation Vulnerability

RunIt CHPST Privilege Escalation Vulnerability

Runit is susceptible to a local privilege-escalation vulnerability. This issue is due to a flaw in the 'chpst' utility that results in programs gaining unintended, elevated group privileges.

This issue will have varying consequences depending on the nature of programs executed by the affected utility. Attackers exploiting latent vulnerabilities in applications may gain access to elevated group privileges.

Runit versions prior to 1.4.1 are affected by this issue. This affects only packages that are compiled with 16-bit gid_t types (such as when compiled with dietlibc).