Debian update for kwallet-pam
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2018-10380 |
| CWE-ID | CWE-61 |
| Exploitation vector | Local |
| Public exploit | N/A |
| Vulnerable software |
Debian Linux Operating systems & Components / Operating system |
| Vendor | Debian |
Security Bulletin
This security bulletin contains one low risk vulnerability.
1) Symlink attack
EUVDB-ID: #VU12586
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-10380
CWE-ID:
CWE-61 - UNIX Symbolic Link (Symlink) Following
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to obtain potentially sensitive information on the target system.
The weakness exists in the kwallet-pam module due to improper security restrictions, performing file writing and permission changing operations as root. A local attacker can conduct symbolic link attack and gain access to potentially sensitive information.
Update the affected package to version: 5.8.4-1+deb9u2
Vulnerable software versionsDebian Linux: All versions
CPE2.3 External linkshttps://www.debian.org/security/2018/dsa-4200
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
