Risk | Low |
Patch available | YES |
Number of vulnerabilities | 1 |
CVE-ID | CVE-2018-14665 |
CWE-ID | CWE-264 |
Exploitation vector | Local |
Public exploit | Public exploit code for vulnerability #1 is available. |
Vulnerable software Subscribe |
xorg-server (Alpine package) Operating systems & Components / Operating system package or component |
Vendor | Alpine Linux Development Team |
Security Bulletin
This security bulletin contains one low risk vulnerability.
EUVDB-ID: #VU15538
Risk: Low
CVSSv3.1: 7.2 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C]
CVE-ID: CVE-2018-14665
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: Yes
DescriptionThe vulnerability allows a local user to gain elevated privileges on the target system.
The vulnerability exists due to improper handling of two command-line options, namely -logfile and -modulepath. A local user can specify a '-modulepath' argument with an insecure path to create, overwrite or delete any files with root privileges.
MitigationInstall update from vendor's website.
Vulnerable software versionsxorg-server (Alpine package): 1.19.5-r0 - 1.19.6-r2
External linkshttp://git.alpinelinux.org/aports/commit/?id=7ef7c7225e8892f60a63c6242fb4546ecd42f1ae
http://git.alpinelinux.org/aports/commit/?id=8e700dfc5cc2199f06163864d60d559cacd453cd
http://git.alpinelinux.org/aports/commit/?id=200ed130cd6de4484176410175e321c8dfc55f09
http://git.alpinelinux.org/aports/commit/?id=4c35866610d06281e3d5d1717fb264f69ff2aac0
http://git.alpinelinux.org/aports/commit/?id=9ab208679bc4ae87c012980f6cc3ac7c7cbda918
http://git.alpinelinux.org/aports/commit/?id=aa79b6b19b8d17276a444f0c17c1c3a3742f3ef8
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, a fully functional exploit for this vulnerability is available.