Vulnerability Database

300,445

Total vulnerabilities in the database

CVE-2017-18240

The Gentoo app-admin/collectd package before 5.7.2-r1 sets the ownership of PID file directory to the collectd account, which might allow local users to kill arbitrary processes by leveraging access to this account for PID file modification before a root script sends a SIGKILL (when the service is stopped).

Published: Mar 19, 2018
Updated: Nov 9, 2025
CVE: CVE-2017-18240
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.9
AV:L/AC:L/Au:N/C:N/I:N/A:C

CWEs:

CWE-20

Affected Software
References

Software	From	Fixed in
collectd / collectd	-	5.7.2.x
collectd / collectd	5.7.2-r1	5.7.2-r1.x

http://www.securityfocus.com/bid/103469
https://bugs.gentoo.org/628540
https://security.gentoo.org/glsa/201803-10

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo