2.9 Low
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:A/AC:M/Au:N/C:N/I:P/A:N
0.0004 Low
EPSS
Percentile
10.2%
openCryptoki before 2.4.1, when using spinlocks, allows local users to
create or set world-writable permissions on arbitrary files via a symlink
attack on the (1) .pkapi_xpk or (2) .pkcs11spinloc file in /tmp.
Author | Note |
---|---|
mdeslaur | members of the pkcs11 group are considered trusted by upstream and can escalate privileges to root even after the upstream patches. See oss-security discussion. Moving this to /var/lock/opencryptoki makes the problem worse for members of the pkcs11 group as that directory wouldn’t be covered by symlink restrictions. Fix shouldn’t be applied to natty+ Fixing this in lucid would only prevent users who are not in the pkcs11 group from escalating permissions. Since it is likely that local users that have this installed are in that group, this is downgraded to low. |