Multiple vulnerabilities in Calamares
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 2 |
| CVE-ID | CVE-2019-13179 CVE-2019-13178 |
| CWE-ID | CWE-276 CWE-362 |
| Exploitation vector | Local |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Calamares Client/Desktop applications / Software for system administration |
| Vendor | Calamares |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) Incorrect default permissions
EUVDB-ID: #VU23409
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-13179
CWE-ID:
CWE-276 - Incorrect Default Permissions
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to incorrect default permissions for files that are copied from /crypto_keyfile.bin (mode 0600 owned by root) to /boot within a globally readable initramfs image. A local user can decryption keys for LUKS containers created with Full Disk Encryption.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCalamares: 3.1 - 3.2.10
External linkshttp://bugs.launchpad.net/ubuntu/+source/initramfs-tools/+bug/1835095
http://bugs.launchpad.net/ubuntu/+source/initramfs-tools/+bug/1835096
http://bugzilla.redhat.com/show_bug.cgi?id=1726542
http://calamares.io/calamares-3.2.11-is-out/
http://calamares.io/calamares-cve-2019/
http://github.com/calamares/calamares/issues/1191
http://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q57BOTBA2J5U4GVKUP7N2PD5H7B3BVUU/
http://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R2ZDQRGBGRVRW5LPJWKUNS3M66LZ3KYC/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Race condition
EUVDB-ID: #VU23408
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-13178
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition in modules/luksbootkeyfile/main.py when creating LUKS encryption keyfile. A local user can exploit the race and gain unauthorized access to sensitive information in the encryption file while the application sets permissions on the file.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCalamares: 3.1 - 3.2.10
External linkshttp://bugs.launchpad.net/ubuntu/+source/initramfs-tools/+bug/1835095
http://bugs.launchpad.net/ubuntu/+source/initramfs-tools/+bug/1835096
http://bugzilla.redhat.com/show_bug.cgi?id=1726565
http://calamares.io/calamares-3.2.11-is-out/
http://calamares.io/calamares-cve-2019/
http://github.com/calamares/calamares/issues/1190
http://github.com/calamares/calamares/issues/1191
http://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q57BOTBA2J5U4GVKUP7N2PD5H7B3BVUU/
http://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R2ZDQRGBGRVRW5LPJWKUNS3M66LZ3KYC/
http://www.pavelkogan.com/2014/05/23/luks-full-disk-encryption/
http://www.pavelkogan.com/2015/01/25/linux-mint-encryption/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
