Lucene search

K
cvelistCanonicalCVELIST:CVE-2018-6553
HistoryJul 11, 2018 - 12:00 a.m.

CVE-2018-6553 AppArmor cupsd Sandbox Bypass Due to Use of Hard Links

2018-07-1100:00:00
canonical
www.cve.org
1

8.4 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

The CUPS AppArmor profile incorrectly confined the dnssd backend due to use of hard links. A local attacker could possibly use this issue to escape confinement. This flaw affects versions prior to 2.2.7-1ubuntu2.1 in Ubuntu 18.04 LTS, prior to 2.2.4-7ubuntu3.1 in Ubuntu 17.10, prior to 2.1.3-4ubuntu0.5 in Ubuntu 16.04 LTS, and prior to 1.7.2-0ubuntu1.10 in Ubuntu 14.04 LTS.

CNA Affected

[
  {
    "platforms": [
      "Ubuntu 18.04 LTS"
    ],
    "product": "cups",
    "vendor": "n/a",
    "versions": [
      {
        "lessThan": "2.2.7-1ubuntu2.1",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "platforms": [
      "Ubuntu 17.10"
    ],
    "product": "cups",
    "vendor": "n/a",
    "versions": [
      {
        "lessThan": "2.2.4-7ubuntu3.1",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "platforms": [
      "Ubuntu 16.04 LTS"
    ],
    "product": "cups",
    "vendor": "n/a",
    "versions": [
      {
        "lessThan": "2.1.3-4ubuntu0.5",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "platforms": [
      "Ubuntu 14.04 LTS"
    ],
    "product": "cups",
    "vendor": "n/a",
    "versions": [
      {
        "lessThan": "1.7.2-0ubuntu1.10",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

8.4 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%