SB2023040337 - Multiple vulnerabilities in Amanda
Published: April 3, 2023
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 3 secuirty vulnerabilities.
1) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2022-37705)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to application is using a setuid component runtar, which is a wrapper for /usr/bin/tar with specific arguments
that are controllable by the attacker. A local user can execute arbitrary code with root privileges.
2) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2022-37704)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to application is using a setuid binary /lib/amanda/rundump to process backup files. A local user can inject arbitrary arguments to the command and execute arbitrary commands as root.
3) Exposure of Resource to Wrong Sphere (CVE-ID: CVE-2022-37703)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to the calcsize SUID binary can return information on any file on the filesystem. A local user can detect whether the file is present on the system.
Remediation
Install update from vendor's website.
References
- https://github.com/MaherAzzouzi/CVE-2022-37705
- https://github.com/MaherAzzouzi/CVE-2022-37704
- https://github.com/MaherAzzouzi/CVE-2022-37703
- https://bugs.gentoo.org/870037
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ATMGMVS3QDN6OMKMHGUTUTU7NS7HR3BZ/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JYREA6LFXF5M7K4WLNJV5VNQPS4MTBW2/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A5DCLSX5YYTWMKSMDL67M5STZ5ZDSOXK/