Red Hat Enterprise Linux 8 update for the freeradius:3.0 module

1) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU33417

Risk: Low

CVSSv4.0: 4.4 [CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2019-10143

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local authenticated user to execute arbitrary code.

** DISPUTED ** It was discovered freeradius up to and including version 3.0.19 does not correctly configure logrotate, allowing a local attacker who already has control of the radiusd user to escalate his privileges to root, by tricking logrotate into writing a radiusd-writable file to a directory normally inaccessible by the radiusd user. NOTE: the upstream software maintainer has stated "there is simply no way for anyone to gain privileges through this alleged issue."

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Red Hat Enterprise Linux for ARM 64: 8

Red Hat Enterprise Linux for Power, little endian: 8

Red Hat Enterprise Linux for IBM z Systems: 8

Red Hat Enterprise Linux for x86_64: 8.0

CPE2.3

• cpe:2.3:o:red_hat:red_hat_enterprise_linux_for_arm_64:8:*:*:*:*:red_hat_enterprise_linux:*:*
• cpe:2.3:o:red_hat:red_hat_enterprise_linux_for_power_little_endian:8:*:*:*:*:red_hat_enterprise_linux:*:*
• cpe:2.3:o:red_hat:red_hat_enterprise_linux_for_ibm_z_systems:8:*:*:*:*:red_hat_enterprise_linux:*:*
• cpe:2.3:o:red_hat:red_hat_enterprise_linux:8.0:*:*:*:*:*:*:*

External links

https://access.redhat.com/errata/RHSA-2019:3353

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.