Oxagast

#12259de 53,633
22.3CVSS total
Vulnerabilidades · 3
Alta
3
PT-2019-15574
7.0
2019-11-04
Todd Miller · Sudo · CVE-2019-18684
**Name of the Vulnerable Software and Affected Versions** Sudo versions prior to 1.8.30 **Description** The issue allows local users to escalate to root if they have write access to file descriptor 3 of the sudo process. This occurs due to a race condition between determining a uid, and the setresuid and openat system calls. An attacker can exploit this by writing "ALL ALL=(ALL) NOPASSWD:ALL" to /proc/#####/fd/3 at a time when Sudo is prompting for a password. However, it has been disputed due to the way Linux /proc works, suggesting that writing to /proc/#####/fd/3 would only be viable with permission to write to /etc/sudoers. **Recommendations** For Sudo versions prior to 1.8.30, update to version 1.8.30 or later to resolve the issue. As a temporary workaround, consider restricting write access to file descriptor 3 of the sudo process to minimize the risk of exploitation.
PT-2019-14488
7.5
2019-08-04
Bitcoin · Bitcoin Core · CVE-2019-15947
**Name of the Vulnerable Software and Affected Versions** Bitcoin Core version 0.18.0 **Description** The issue concerns the storage of wallet.dat data in memory by bitcoin-qt. When the program crashes, it may create a core file that contains unencrypted wallet data. If this core file is not handled properly, an attacker could potentially reconstruct the wallet.dat file, including private keys, by using a specific command. **Recommendations** For Bitcoin Core version 0.18.0, consider updating to a newer version that addresses this issue, as storing sensitive data unencrypted in memory poses a significant risk. Additionally, handle core files with care to prevent unauthorized access, and avoid using commands that could expose sensitive information, such as private keys.
PT-2018-13987
7.8
2018-09-22
Linux · Udisks · CVE-2018-17336
**Name of the Vulnerable Software and Affected Versions** UDisks version 2.8.0 **Description** The issue allows attackers to obtain sensitive information, cause a denial of service, or possibly have unspecified other impact via a malformed filesystem label. This can be achieved by using a format string vulnerability with substrings such as `%d` or `%n`. **Recommendations** For UDisks version 2.8.0, at the moment, there is no information about a newer version that contains a fix for this vulnerability.