@eslerm The scenario to exploit this vulnerability is similar to a vulnerability in e.g. vim editor https://ubuntu.com/security/CVE-2023-2426 . I agree it's low impact due to the conditions explained. Basically an attacker can take advantage of a bug to execute arbitrary code, it doesn't matter if he/she should already have shell access to abuse of this flaw - the point here is having a buggy binary in the system that allows a malicious user to execute arbitrary code.
I know Canonical is also Root CNA, why are you redirecting to another CNA?
@eslerm The scenario to exploit this vulnerability is similar to a vulnerability in e.g. vim editor https:/ /ubuntu. com/security/ CVE-2023- 2426 . I agree it's low impact due to the conditions explained. Basically an attacker can take advantage of a bug to execute arbitrary code, it doesn't matter if he/she should already have shell access to abuse of this flaw - the point here is having a buggy binary in the system that allows a malicious user to execute arbitrary code.
I know Canonical is also Root CNA, why are you redirecting to another CNA?