USN-3816-1 systemd vulnerabilities

Jann Horn discovered that unitdeserialize incorrectly handled status messages above a certain length. A local attacker could potentially exploit this via NotifyAccess to inject arbitrary state across re-execution and obtain root privileges. CVE-2018-15686 Jann Horn discovered a race condition in...

systemd - chown_one() Dereference Symlinks

systemd - chownone Dereference Symlinks I am sending this bug report to Ubuntu, even though it's an upstream bug, as requested at https://github.com/systemd/systemd/blob/master/docs/CONTRIBUTING.mdsecurity-vulnerability-reports . When chownone in the recursive chown logic decides that it has to...

systemd - 'chown_one()' Dereference Symlinks

I am sending this bug report to Ubuntu, even though it's an upstream bug, as requested at https://github.com/systemd/systemd/blob/master/docs/CONTRIBUTING.mdsecurity-vulnerability-reports . When chownone in the recursive chown logic decides that it has to change ownership of a directory entry, it...

DEBIAN-CVE-2018-15687

A race condition in chownone of systemd allows an attacker to cause systemd to set arbitrary permissions on arbitrary files. Affected releases are systemd versions up to and including 239...

Security Bulletin: IBM Spectrum Scale (GPFS) Hadoop connector is affected by a security vulnerability (CVE-2015-7430)

Summary A security vulnerability has been identified in the IBM Spectrum Scale GPFS Hadoop connector which could allow an unprivileged user the ability to read, write, modify, or delete any data in a GPFS file system CVE-2015-7430 Vulnerability Details CVEID: CVE-2015-7430 DESCRIPTION: IBM Genera...

CHMOD race vulnerability

The file system access race condition allows for local privilege escalation and affects the Nginx module for Passenger versions 5.3.1, all the way back to 3.0.0 the chown command entered the code in 2010. The vulnerability was exploitable only when running a non-standard...

CVE-2014-7272

Simple Desktop Display Manager SDDM before 0.10.0 allows local users to gain root privileges because code running as root performs write operations within a user home directory, and this user may have created links in advance exploitation requires the user to win a race condition in the...

CVE-2017-18188

OpenRC opentmpfiles through 0.1.3, when the fs.protectedhardlinks sysctl is turned off, allows local users to obtain ownership of arbitrary files by creating a hard link inside a directory on which "chown -R" will be run...

Hardcoded credentials

OpenRC opentmpfiles through 0.1.3, when the fs.protectedhardlinks sysctl is turned off, allows local users to obtain ownership of arbitrary files by creating a hard link inside a directory on which "chown -R" will be run...

UBUNTU-CVE-2017-18188

OpenRC opentmpfiles through 0.1.3, when the fs.protectedhardlinks sysctl is turned off, allows local users to obtain ownership of arbitrary files by creating a hard link inside a directory on which "chown -R" will be run...

Fedora 27 : coreutils (2018-669520d2ba)

doc: warn about following symlinks recursively in chown/chgrp CVE-2017-18018 - mv -n: do not overwrite the destination - mv -n: provide more reliable diagnostic messages Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system...

CVE-2017-18018

In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition...

GNU Coreutils Arbitrary File Modification Vulnerability

GNU Coreutils GNU Core Utilities, GNU Core Utilities is a package developed by the GNU Project that contains several basic tools required for Unix-like applications, such as textutils textutils, shellutils shell utilities, fileutils file utilities, and so on. A security vulnerability exists in GN...

CVE-2017-18018

In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition...

Race condition

In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition...

CVE-2017-18018

In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition...

UBUNTU-CVE-2017-18018

In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition...

DEBIAN-CVE-2017-18018

In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition...

CVE-2017-18018

In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition...

CVE-2017-18018

CVE-2017-18018 affects GNU Coreutils up to version 8.29, where chown-core.c in chown/chgrp fails to prevent replacing a plain file with a symlink when using POSIX -R -L, enabling a local user to modify ownership of arbitrary files via a race. IBM/CP4S remediation applies: Cloud Pak for Security i...