Risk | Critical |
Patch available | YES |
Number of vulnerabilities | 4 |
CVE-ID | CVE-2019-12795, CVE-2019-12447, CVE-2019-12448, CVE-2019-12449 |
CWE-ID | CWE-264, CWE-362 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software | Fedora (Operating systems & Components / Operating system), gvfs (Operating systems & Components / Operating system package or component) |
Vendor | Fedoraproject |
Security Bulletin
This security bulletin contains information about 4 vulnerabilities.
EUVDB-ID: #VU18791
Risk: Low
CVSSv4.0: 0.4 [CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2019-12795
CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
Description
The vulnerability allows a local attacker to escalate privileges on the system.
The vulnerability exists because daemon/gvfsdaemon.c opens a private D-Bus server socket without configuring an authorization rule. A local attacker can connect to this server socket and issue D-Bus method calls.
Mitigation
Install updates from the vendor's repository.
Vulnerable software versions
Fedora: 29
gvfs: before 1.38.3-1.fc29
External links
https://bodhi.fedoraproject.org/updates/FEDORA-2019-e6b02af8b8
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU18678
Risk: Critical
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Red]
CVE-ID: CVE-2019-12447
CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
Description
The vulnerability allows a remote attacker to escalate privileges on the system.
The vulnerability exists because functionality in the daemon/gvfsbackendadmin.c file does not use the "setfsuid" call when handling ownership permissions. A remote attacker can gain unauthorized access to arbitrary files on a system.
Mitigation
Install updates from the vendor's repository.
Vulnerable software versions
Fedora: 29
gvfs: before 1.38.3-1.fc29
External links
https://bodhi.fedoraproject.org/updates/FEDORA-2019-e6b02af8b8
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU18677
Risk: High
CVSSv4.0: 7.2 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2019-12448
Exploit availability: No
Description
Install updates from vendor's repository.
Vulnerable software versions
Fedora: 29
gvfs: before 1.38.3-1.fc29
External links
https://bodhi.fedoraproject.org/updates/FEDORA-2019-e6b02af8b8
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU18676
Risk: Critical
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Red]
CVE-ID: CVE-2019-12449
CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
Description
The vulnerability allows a remote attacker to escalate privileges on the system.
The vulnerability exists due to mishandling of file user and group ownership in the daemon/gvfsbackendadmin.c file. "G_FILE_COPY_ALL_METADATA" operations from admin:// URIs to file:// URIs during move and copy are handled by the GNOME Input/Output (GIO) fallback code, which does not run with root permissions. A remote attacker can gain unauthorized access to arbitrary file information on a system.
Mitigation
Install updates from the vendor's repository.
Vulnerable software versions
Fedora: 29
gvfs: before 1.38.3-1.fc29
External links
https://bodhi.fedoraproject.org/updates/FEDORA-2019-e6b02af8b8
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.