author | GLSAMaker <glsamaker@gentoo.org> | 2022-09-25 13:34:57 +0000 |
---|---|---|
committer | John Helmert III <ajak@gentoo.org> | 2022-09-25 08:42:21 -0500 |
commit | c119633f474d495980aaa3db92f8d90254200747 (patch) | |
tree | 181f222751ef7c0af9ed5c26a3f2d38fe61c7aa4 | |
parent | [ GLSA 202209-09 ] Smarty: Multiple vulnerabilities (diff) | |
[ GLSA 202209-10 ] Logcheck: Root privilege escalation
Bug: https://bugs.gentoo.org/630752
Signed-off-by: GLSAMaker <glsamaker@gentoo.org>
Signed-off-by: John Helmert III <ajak@gentoo.org>
-rw-r--r-- | glsa-202209-10.xml | 40 |
1 files changed, 40 insertions, 0 deletions
diff --git a/glsa-202209-10.xml b/glsa-202209-10.xml new file mode 100644 index 00000000..9e9ae3a3 --- /dev/null +++ b/glsa-202209-10.xml @@ -0,0 +1,40 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> +<glsa id="202209-10"> + <title>Logcheck: Root privilege escalation</title> + <synopsis>A vulnerability has been discovered in Logcheck's ebuilds which could allow for root privilege escalation.</synopsis> + <product type="ebuild">logcheck</product> + <announced>2022-09-25</announced> + <revised count="1">2022-09-25</revised> + <bug>630752</bug> + <access>remote</access> + <affected> + <package name="app-admin/logcheck" auto="yes" arch="*"> + <vulnerable range="le">1.3.23</vulnerable> + </package> + </affected> + <background> + <p>Logcheck mails anomalies in the system logfiles to the administrator.</p> + </background> + <description> + <p>The pkg_postinst phase of the Logcheck ebuilds recursively chown the /etc/logcheck and /var/lib/logcheck directories. If the logcheck adds hardlinks to other files in these directories, the chown call will follow the link and transfer ownership of any file to the logcheck user.</p> + </description> + <impact type="normal"> + <p>A local attacker with access to the logcheck user could escalate to root privileges.</p> + </impact> + <workaround> + <p>There is no known workaround at this time.</p> + </workaround> + <resolution> + <p>Gentoo has discontinued support for Logcheck. We recommend that users remove it:</p> + + <code> + # emerge --ask --depclean "app-admin/logcheck" + </code> + </resolution> + <references> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2017-20148">CVE-2017-20148</uri> + </references> + <metadata tag="requester" timestamp="2022-09-25T13:34:57.482832Z">ajak</metadata> + <metadata tag="submitter" timestamp="2022-09-25T13:34:57.487714Z">ajak</metadata> +</glsa>
\ No newline at end of file |
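Review bot: `<access>remote</access>` contradicts the `<impact>` paragraph in the same file, which describes "A local attacker with access to the logcheck user"; the access field should read `<access>local</access>` so that tooling filtering on this element does not misclassify the advisory. In `<description>`, "If the logcheck adds hardlinks" is missing the word "user", and "the chown call will follow the link" is imprecise for hard links: a hard link is another name for the same inode, so the recursive chown changes ownership of the linked file directly and there is nothing to follow. The new file also ends without a trailing newline, as the "\ No newline at end of file" marker shows.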