PT-2025-2690 · Glog+3
Günther Noack +1 · Published 2025-01-28 · Updated 2025-11-25 · CVE-2024-45339
CVSS v3.1: 7.1 (High)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Name of the Vulnerable Software and Affected Versions
glog (affected versions not specified)
Description
The issue arises when logs are written to a widely-writable directory, allowing an unprivileged attacker to predict a privileged process's log file path and create a symbolic link to a sensitive file in its place. When the privileged process runs, it follows the planted symlink and overwrites the sensitive file. To address this, glog now exits the program with a status code of 2 when it discovers that the configured log file already exists.
Recommendations
To resolve the issue, ensure that glog is configured to write logs to a directory that is not widely writable.
As a temporary workaround, consider restricting write access to the log directory to prevent unprivileged attackers from creating symbolic links to sensitive files.
Avoid using widely-writable directories for logging until the issue is fully addressed.
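The description and the recommendations above can be expressed as a Go sketch; this is an added example, not code from glog or from this advisory. It contrasts a log open that follows a pre-existing symlink with one that checks the directory and refuses any existing path. Assumptions: the function names, `ErrWidelyWritable`, the group/other-writable threshold and the temp-directory sample are constructed for illustration, and POSIX permission semantics are assumed.

```go
package main

import (
	"errors"
	"fmt"
	"os"
	"path/filepath"
)

// ErrWidelyWritable: assumed policy for this example, not a glog error value.
var ErrWidelyWritable = errors.New("log directory is writable by group or others")

// openLogUnsafe is the risky pattern: os.Create follows a symlink already
// present at path and truncates the file it points to.
func openLogUnsafe(path string) (*os.File, error) {
	return os.Create(path)
}

// openLogExclusive rejects a group- or world-writable directory, then opens
// with O_CREATE|O_EXCL, which fails on any existing entry (symlinks included)
// instead of following it.
func openLogExclusive(dir, name string) (*os.File, error) {
	info, err := os.Stat(dir)
	if err != nil {
		return nil, err
	}
	if info.Mode().Perm()&0o022 != 0 {
		return nil, ErrWidelyWritable
	}
	return os.OpenFile(filepath.Join(dir, name), os.O_WRONLY|os.O_CREATE|os.O_EXCL, 0o600)
}

func main() {
	dir, err := os.MkdirTemp("", "logdemo") // constructed sandbox, mode 0700
	if err != nil {
		panic(err)
	}
	target := filepath.Join(dir, "sensitive.conf") // stand-in for a sensitive file
	os.WriteFile(target, []byte("keep me"), 0o600)
	os.Symlink(target, filepath.Join(dir, "app.log")) // entry already at the log path
	_, err = openLogExclusive(dir, "app.log")
	data, _ := os.ReadFile(target)
	fmt.Printf("refused=%v target=%q\n", errors.Is(err, os.ErrExist), data)
	os.RemoveAll(dir)
	if err != nil {
		os.Exit(2) // the exit status the advisory says glog now uses
	}
}
```
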
Fix
Related Identifiers
Affected Products
Debian
Red Os
Suse
Glog