PT-2018-3823 · Linux+5 · Linux Kernel+5
Jann Horn
·
Publicado
2014-08-28
·
Atualizado
2022-08-29
·
CVE-2018-13405
CVSS v3.1
7.8
Alta
| Vetor | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Linux kernel versions through 3.16
Description
The issue is related to insecure privilege management in the inode init owner function of the Linux kernel. This allows an attacker to access confidential data, compromise its integrity, and cause a denial of service. Specifically, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group, the non-member can create a plain file with the group ownership of that group, potentially leading to privilege escalation by making the file executable and SGID.
Recommendations
For Linux kernel versions through 3.16, consider restricting access to the
inode init owner function until a patch is available, or apply configuration changes to limit the impact of the insecure privilege management.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.Exploit
Improper Privilege Management
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Alt Linux
Centos
Linux Kernel
Red Hat
Suse
Ubuntu