PT-2019-4446 · Linux+3 · Linux Kernel+3

Michael Hanselmann

·

Publicado

2019-10-05

·

Atualizado

2022-11-03

·

CVE-2019-10220

CVSS v2.0

10

Alta

VetorAV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Linux kernel version 4.9.0
Description The issue concerns a relative paths injection in directory entry lists within the Linux kernel CIFS implementation. It is caused by incorrect restriction of the directory path name with limited access. Exploitation of this issue may allow a remote attacker to manipulate files in the client's directory.
Recommendations For Linux kernel version 4.9.0, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Path traversal

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-22

Identificadores relacionados

ALT-PU-2019-3059
ALT-PU-2019-3061
ALT-PU-2019-3066
ALT-PU-2020-1009
ALT-PU-2020-1042
ALT-PU-2020-1189
ALT-PU-2020-1421
ALT-PU-2020-1450
ALT-PU-2020-1714
ALT-PU-2020-2410
ALT-PU-2020-2433
BDU:2020-00233
CVE-2019-10220
DLA-2068-1
DLA-2114-1
OPENSUSE-SU-2019:2503-1
OPENSUSE-SU-2019:2507-1
OPENSUSE-SU-2019_2503-1
OPENSUSE-SU-2019_2507-1
SUSE-SU-2019:14218-1
SUSE-SU-2019:2821-1
SUSE-SU-2019:2829-1
SUSE-SU-2019:2859-1
SUSE-SU-2019:2864-1
SUSE-SU-2019:2946-1
SUSE-SU-2019:2947-1
SUSE-SU-2019:2948-1
SUSE-SU-2019:2949-1
SUSE-SU-2019:2950-1
SUSE-SU-2019:2951-1
SUSE-SU-2019:2952-1
SUSE-SU-2019:2953-1
SUSE-SU-2019:2984-1
SUSE-SU-2019:3019-1
SUSE-SU-2019:3200-1
SUSE-SU-2019:3215-1
SUSE-SU-2019:3216-1
SUSE-SU-2019:3223-1
SUSE-SU-2019:3224-1
SUSE-SU-2019:3225-1
SUSE-SU-2019:3228-1
SUSE-SU-2019:3230-1
SUSE-SU-2019:3232-1
SUSE-SU-2019:3233-1
SUSE-SU-2019:3246-1
SUSE-SU-2019:3247-1
SUSE-SU-2019:3248-1
SUSE-SU-2019:3249-1
SUSE-SU-2019:3252-1
SUSE-SU-2019:3255-1
SUSE-SU-2019:3258-1
SUSE-SU-2019:3260-1
SUSE-SU-2019:3261-1
SUSE-SU-2019:3263-1
SUSE-SU-2019:3294-1
SUSE-SU-2019:3295-1
SUSE-SU-2019_14218-1
SUSE-SU-2019_2829-1
SUSE-SU-2019_2859-1
SUSE-SU-2019_2864-1
SUSE-SU-2019_3215-1
SUSE-SU-2019_3216-1
SUSE-SU-2019_3233-1
SUSE-SU-2020:0093-1
SUSE-SU-2020:0183-1
USN-4226-1

Produtos afetados

Alt Linux
Linux Kernel
Suse
Ubuntu