PT-2006-2328 · Dietlibc · Runit
Tino Keitel · Published 2006-03-20 · Updated 2017-07-20 · CVE-2006-1319
CVSS v2.0: 6.2 (Medium)
Vector: AV:L/AC:H/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
runit version 1.3.3-1
Description
chpst in runit does not properly handle multiple groups specified in the -u option. When runit is compiled on little-endian i386 machines against dietlibc, inconsistent bit sizes for the gid_t type cause chpst to assign permissions for the root group.
Recommendations
For runit version 1.3.3-1, consider avoiding the use of multiple groups with the -u option until a fix is available. As a temporary workaround, restrict the use of the -u option to a single group to minimize the risk of exploitation.
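The width mismatch from the Description, and why the single-group workaround avoids it, sketched as an added example (not runit or dietlibc code). It assumes, which the advisory does not state, that the group list is stored as 32-bit entries and read back as 16-bit entries; the function names and sample gids are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define MAX_GROUPS 16

/* Lay out 32-bit group ids as a little-endian i386 caller would in memory. */
static void store_gid32_le(const uint32_t *gids, size_t n, uint8_t *buf) {
    for (size_t i = 0; i < n; i++)
        for (int b = 0; b < 4; b++)
            buf[4 * i + b] = (uint8_t)(gids[i] >> (8 * b));
}

/* Read the first n entries of that buffer as 16-bit ids (the assumed
   narrower view). Returns the number of entries written, or -1 on bad n. */
int narrow_view(const uint32_t *gids, size_t n, uint16_t *seen) {
    uint8_t buf[4 * MAX_GROUPS];
    if (n == 0 || n > MAX_GROUPS)
        return -1;
    store_gid32_le(gids, n, buf);
    for (size_t i = 0; i < n; i++)
        seen[i] = (uint16_t)(buf[2 * i] | (buf[2 * i + 1] << 8));
    return (int)n;
}

/* 1 if gid 0 (root group) shows up in the narrow view, 0 if not, -1 on bad n. */
int narrow_view_has_root(const uint32_t *gids, size_t n) {
    uint16_t seen[MAX_GROUPS];
    int count = narrow_view(gids, n, seen);
    if (count < 0)
        return -1;
    for (int i = 0; i < count; i++)
        if (seen[i] == 0)
            return 1;
    return 0;
}

int main(void) {
    /* Constructed sample gids, not taken from the advisory. */
    const uint32_t two[] = {1000, 1001};
    const uint32_t one[] = {1000};
    printf("two groups -> root group present: %d\n", narrow_view_has_root(two, 2));
    printf("one group  -> root group present: %d\n", narrow_view_has_root(one, 1));
    return 0;
}
```

With two groups the zero upper half of the first 32-bit entry is read as a second group id of 0; with one group only the low half of the first entry is read, so no zero entry appears.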
Affected Products
Runit