SuseCVELIST:CVE-2019-3689CVE-2019-3689 nfs-utils: root-owned files stored in insecure /var/lib/nfs directory
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
AI Score
Confidence
High
EPSS
Percentile
87.0%
The nfs-utils package in SUSE Linux Enterprise Server 12 before and including version 1.3.0-34.18.1 and in SUSE Linux Enterprise Server 15 before and including version 2.1.1-6.10.2 the directory /var/lib/nfs is owned by statd:nogroup. This directory contains files owned and managed by root. If statd is compromised, it can therefore trick processes running with root privileges into creating/overwriting files anywhere on the system.
CNA Affected
[
{
"product": "SUSE Linux Enterprise Server 12",
"vendor": "SUSE",
"versions": [
{
"status": "affected",
"version": "before and including version 1.3.0-34.18.1"
}
]
},
{
"product": "SUSE Linux Enterprise Server 15",
"vendor": "SUSE",
"versions": [
{
"status": "affected",
"version": "before and including version 2.1.1-6.10.2"
}
]
}
]References
lists.opensuse.org/opensuse-security-announce/2019-10/msg00071.html
lists.opensuse.org/opensuse-security-announce/2019-11/msg00006.html
bugzilla.suse.com/show_bug.cgi?id=1150733
git.linux-nfs.org/?p=steved/nfs-utils.git%3Ba=commitdiff%3Bh=fee2cc29e888f2ced6a76990923aef19d326dc0e
lists.debian.org/debian-lts-announce/2019/10/msg00026.html
usn.ubuntu.com/4400-1/
Related
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
AI Score
Confidence
High
EPSS
Percentile
87.0%