Multiple vulnerabilities in Cloud Foundry Foundation cflinuxfs3



Published: 2022-11-28
Risk Low
Patch available YES
Number of vulnerabilities 2
CVE-ID CVE-2013-4235
CVE-2017-2626
CWE-ID CWE-367
CWE-331
Exploitation vector Local
Public exploit N/A
Vulnerable software
Subscribe
cflinuxfs3
Other software / Other software solutions

Vendor Cloud Foundry Foundation

Security Bulletin

This security bulletin contains information about 2 vulnerabilities.

1) Time-of-check Time-of-use (TOCTOU) Race Condition

EUVDB-ID: #VU59131

Risk: Low

CVSSv3.1: 4.1 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2013-4235

CWE-ID: CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition

Exploit availability: No

Description

The vulnerability allows a local user to delete or modify arbitrary files on the system.

The vulnerability exists due to a race condition in shadow-utils when executing usermod/userdel operations. A local user with write access to the directory that is being moved or deleted by the usermod/userdel commands can modify or delete arbitrary files on the system.

Successful exploitation of the vulnerability may allow an attacker to corrupt arbitrary files on the system and perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

cflinuxfs3: before 0.341.0

External links

http://github.com/cloudfoundry/cflinuxfs3/releases/tag/0.341.0


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Insufficient Entropy

EUVDB-ID: #VU32017

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-2626

CWE-ID: CWE-331 - Insufficient Entropy

Exploit availability: No

Description

The vulnerability allows a local authenticated user to gain access to sensitive information.

It was discovered that libICE before 1.0.9-8 used a weak entropy to generate keys. A local attacker could potentially use this flaw for session hijacking using the information available from the process list.

Mitigation

Install update from vendor's website.

Vulnerable software versions

cflinuxfs3: before 0.341.0

External links

http://github.com/cloudfoundry/cflinuxfs3/releases/tag/0.341.0


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###