Multiple vulnerabilities in cflinuxfs3



Published: 2021-10-05
Risk Medium
Patch available YES
Number of vulnerabilities 2
CVE-ID CVE-2019-3902
CVE-2018-17983
CWE-ID CWE-61
CWE-125
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe 		cflinuxfs3
Other software / Other software solutions

Vendor Cloud Foundry Foundation

Security Bulletin

This security bulletin contains information about 2 vulnerabilities.

1) Symlink attack

EUVDB-ID: #VU29241

Risk: Medium

CVSSv3.1: 4 [CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-3902

CWE-ID: CWE-61 - UNIX Symbolic Link (Symlink) Following

Exploit availability: No

Description

The vulnerability allows a remote user to escalate privileges on the system.

The vulnerability exists due to a symlink following issue. A remote user can create a specially crafted symbolic link to and write files outside a repository.

Mitigation

Install update from vendor's website.

Vulnerable software versions

cflinuxfs3: 0.0.0 - 0.260.0

External links

http://github.com/cloudfoundry/cflinuxfs3/releases/tag/0.261.0


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Out-of-bounds read

EUVDB-ID: #VU15317

Risk: Low

CVSSv3.1: 3.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-17983

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local attacker to obtain potentially sensitive information or cause DoS condition on the target system.

The vulnerability exists in the cext/manifest.c file due to improper parsing of manifest entries. A remote attacker can send a manifest entry that submits malicious input, trigger an out-of-bounds read condition to access sensitive information or cause a denial of service (DoS) condition.

Mitigation

Install update from vendor's website.

Vulnerable software versions

cflinuxfs3: 0.0.0 - 0.260.0

External links

http://github.com/cloudfoundry/cflinuxfs3/releases/tag/0.261.0


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###