UNIX symbolic link following in Keepalived - CVE-2018-19044
Published: November 10, 2018
Vulnerability identifier: #VU15789
CSH Severity: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2018-19044
CWE-ID: CWE-61
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Keepalived
Keepalived
Software vendor:
Keepalived
Keepalived
Description
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a symlink following issue when writing data to a temporary file upon a call to PrintData or PrintStats. A local user can create a specially crafted symbolic link to a critical file on the system and overwrite it with privileges of the application, if fs.protected_symlinks is set to 0.
Successful exploitation of this vulnerability may result in privilege escalation.
Remediation
Install updates from vendor's website.