PT-2023-22268 · Sagemath+1 · Sagemath Flintqs+1
Orlitzky
·
Published
2023-04-06
·
Updated
2023-04-13
·
CVE-2023-29465
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
SageMath FlintQS version 1.0
Description
The issue allows a local user to overwrite files with the privileges of a different user who is running SageMath FlintQS, due to its reliance on pathnames under TMPDIR, which is typically world-writable.
Recommendations
For SageMath FlintQS version 1.0, consider restricting access to the TMPDIR to prevent unauthorized file overwrites until a patch is available.
As a temporary workaround, restrict write access to the TMPDIR directory to minimize the risk of exploitation.
Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Debian
Sagemath Flintqs