← Volver a CVEs
CVE-2018-13405
HIGH7.8
Descripcion
The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. Here, the non-member can trigger creation of a plain file whose group ownership is that group. The intended behavior was that the non-member can trigger creation of a directory (but not a plain file) whose group ownership is that group. The non-member can escalate privileges by making the plain file executable and SGID.
Detalles CVE
Puntuacion CVSS v3.17.8
SeveridadHIGH
Vector CVSSCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vector de ataqueLOCAL
ComplejidadLOW
Privilegios requeridosLOW
Interaccion usuarioNONE
Publicado7/6/2018
Ultima modificacion11/21/2024
Fuentenvd
Avistamientos honeypot0
Productos afectados
canonical:ubuntu_linuxdebian:debian_linuxf5:big-ip_access_policy_managerf5:big-ip_advanced_firewall_managerf5:big-ip_analyticsf5:big-ip_application_acceleration_managerf5:big-ip_application_security_managerf5:big-ip_domain_name_systemf5:big-ip_edge_gatewayf5:big-ip_fraud_protection_servicef5:big-ip_global_traffic_managerf5:big-ip_link_controllerf5:big-ip_local_traffic_managerf5:big-ip_policy_enforcement_managerf5:big-ip_webacceleratorfedoraproject:fedoralinux:linux_kernelredhat:enterprise_linux_ausredhat:enterprise_linux_desktopredhat:enterprise_linux_eusredhat:enterprise_linux_for_real_timeredhat:enterprise_linux_serverredhat:enterprise_linux_server_ausredhat:enterprise_linux_server_tusredhat:enterprise_linux_workstationredhat:mrg_realtimeredhat:virtualization
Debilidades (CWE)
CWE-269
Referencias
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0fa3ecd87848c9c93c2c828ef4c3a8ca36ce46c7(cve@mitre.org)
http://openwall.com/lists/oss-security/2018/07/13/2(cve@mitre.org)
http://www.securityfocus.com/bid/106503(cve@mitre.org)
https://access.redhat.com/errata/RHSA-2018:2948(cve@mitre.org)
https://access.redhat.com/errata/RHSA-2018:3083(cve@mitre.org)
https://access.redhat.com/errata/RHSA-2018:3096(cve@mitre.org)
https://access.redhat.com/errata/RHSA-2019:0717(cve@mitre.org)
https://access.redhat.com/errata/RHSA-2019:2476(cve@mitre.org)
https://access.redhat.com/errata/RHSA-2019:2566(cve@mitre.org)
https://access.redhat.com/errata/RHSA-2019:2696(cve@mitre.org)
https://access.redhat.com/errata/RHSA-2019:2730(cve@mitre.org)
https://access.redhat.com/errata/RHSA-2019:4159(cve@mitre.org)
https://access.redhat.com/errata/RHSA-2019:4164(cve@mitre.org)
https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=0b3369840cd61c23e2b9241093737b4c395cb406(cve@mitre.org)
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HRBNBX73SAFKQWBOX76SLMWPTKJPVGEJ/(cve@mitre.org)
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MTKKIAUMR5FAYLZ7HLEPOXMKAAE3BYBQ/(cve@mitre.org)
https://support.f5.com/csp/article/K00854051(cve@mitre.org)
https://twitter.com/grsecurity/status/1015082951204327425(cve@mitre.org)
https://usn.ubuntu.com/3752-1/(cve@mitre.org)
https://usn.ubuntu.com/3752-2/(cve@mitre.org)
https://usn.ubuntu.com/3752-3/(cve@mitre.org)
https://usn.ubuntu.com/3753-1/(cve@mitre.org)
https://usn.ubuntu.com/3753-2/(cve@mitre.org)
https://usn.ubuntu.com/3754-1/(cve@mitre.org)
https://www.debian.org/security/2018/dsa-4266(cve@mitre.org)
https://www.exploit-db.com/exploits/45033/(cve@mitre.org)
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0fa3ecd87848c9c93c2c828ef4c3a8ca36ce46c7(af854a3a-2127-422b-91ae-364da2661108)
http://openwall.com/lists/oss-security/2018/07/13/2(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/106503(af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2018:2948(af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2018:3083(af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2018:3096(af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2019:0717(af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2019:2476(af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2019:2566(af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2019:2696(af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2019:2730(af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2019:4159(af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2019:4164(af854a3a-2127-422b-91ae-364da2661108)
https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=0b3369840cd61c23e2b9241093737b4c395cb406(af854a3a-2127-422b-91ae-364da2661108)
https://github.com/torvalds/linux/commit/0fa3ecd87848c9c93c2c828ef4c3a8ca36ce46c7(af854a3a-2127-422b-91ae-364da2661108)
https://lists.debian.org/debian-lts-announce/2018/08/msg00014.html(af854a3a-2127-422b-91ae-364da2661108)
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HRBNBX73SAFKQWBOX76SLMWPTKJPVGEJ/(af854a3a-2127-422b-91ae-364da2661108)
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MTKKIAUMR5FAYLZ7HLEPOXMKAAE3BYBQ/(af854a3a-2127-422b-91ae-364da2661108)
https://support.f5.com/csp/article/K00854051(af854a3a-2127-422b-91ae-364da2661108)
https://twitter.com/grsecurity/status/1015082951204327425(af854a3a-2127-422b-91ae-364da2661108)
https://usn.ubuntu.com/3752-1/(af854a3a-2127-422b-91ae-364da2661108)
https://usn.ubuntu.com/3752-2/(af854a3a-2127-422b-91ae-364da2661108)
https://usn.ubuntu.com/3752-3/(af854a3a-2127-422b-91ae-364da2661108)
https://usn.ubuntu.com/3753-1/(af854a3a-2127-422b-91ae-364da2661108)
https://usn.ubuntu.com/3753-2/(af854a3a-2127-422b-91ae-364da2661108)
https://usn.ubuntu.com/3754-1/(af854a3a-2127-422b-91ae-364da2661108)
https://www.debian.org/security/2018/dsa-4266(af854a3a-2127-422b-91ae-364da2661108)
https://www.exploit-db.com/exploits/45033/(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.