Permissions, Privileges, and Access Controls in Keepalived - CVE-2018-19046
Published: November 10, 2018
Keepalived
Description
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists because the software does not check for existing plain files when writing data to a temporary file upon a call to PrintData or PrintStats. A local user can create the file "/tmp/keepalived.data" or "/tmp/keepalived.stats" with read access for the attacker and write access for the keepalived process, and thereby gain access to sensitive information written into these files by the application.
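The C sketch below is an added example, not keepalived source code and not the project's fix. It contrasts the reuse-an-existing-file pattern described above with an exclusive-create pattern; the function names and the demo path are hypothetical.

```c
/* Added example: not keepalived code; all names here are hypothetical. */
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <sys/stat.h>
#include <unistd.h>

/* Pattern the advisory describes: "w" mode reuses any file already at
 * path, so its existing owner and permission bits stay in effect. */
FILE *open_dump_unsafe(const char *path)
{
    return fopen(path, "w");
}

/* Hardened pattern: the process creates the file itself or fails. */
FILE *open_dump_safe(const char *path)
{
    /* O_EXCL: fail with EEXIST if anything exists at path (symlinks too).
     * O_NOFOLLOW: never follow a symlink in the last path component. */
    int fd = open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
    if (fd < 0)
        return NULL;
    struct stat st;
    /* fchmod removes umask dependence; fstat confirms a regular file we own. */
    if (fchmod(fd, 0600) != 0 || fstat(fd, &st) != 0 ||
        !S_ISREG(st.st_mode) || st.st_uid != geteuid()) {
        close(fd);
        unlink(path);
        return NULL;
    }
    FILE *fp = fdopen(fd, "w");
    if (fp == NULL) {
        close(fd);
        unlink(path);
    }
    return fp;
}

int main(void)
{
    FILE *fp = open_dump_safe("demo_dump.data");   /* constructed path */
    if (fp == NULL) {
        perror("open_dump_safe");
        return 1;
    }
    fputs("constructed sample dump\n", fp);
    return fclose(fp) != 0;
}
```

Writing such dumps to a directory that only the daemon's user can write to removes the pre-creation race entirely; the exclusive create is the check to keep when a shared directory such as /tmp cannot be avoided.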