SB2022051206 - Multiple vulnerabilities in cflinuxfs3

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2022051206

SB2022051206 - Multiple vulnerabilities in cflinuxfs3

Published: May 12, 2022

Security Bulletin ID SB2022051206
Severity
Low
Patch available
YES
Number of vulnerabilities 5
Exploitation vector Local access
Highest impact Denial of service

Breakdown by Severity

Low 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 5 secuirty vulnerabilities.


1) Use-after-free (CVE-ID: CVE-2020-35512)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error if two usernames have the same numeric UID. When a set of policy rules references these usernames, D-Bus may free some memory in the heap, which is still used by data structures necessary for the other usernames sharing the UID, which can result in crash.


2) Privilege escalation (CVE-ID: CVE-2017-9525)

The vulnerability allows a local attacker to gain elevated privileges on the target system.

The weakness exists in Cron due to a flaw in the postinst maintainer script. A local attacker with crontab group privileges can conduct a symlink attack, bypass crontab privilege separation controls and gain root privileges on the target system.

Successful exploitation of the vulnerability results in privilege escalation.

3) Unchecked Return Value (CVE-ID: CVE-2019-9704)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to the calloc return value is not checked. A local user can create a large crontab file and crash the daemon.


4) Allocation of Resources Without Limits or Throttling (CVE-ID: CVE-2019-9705)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to Vixie Cron implementation allows unlimited number of lines to be inserted into the crontab file. A local user can create a very large crontab file and consume all available memory on the system.


5) Use-after-free (CVE-ID: CVE-2019-9706)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error in force_rescan_user() function in Vixie Cron. A local user can write specially crafted data to the crontab file, trigger a use-after-free error and crash the daemon.


Remediation

Install update from vendor's website.

References