CVE-2018-6558 - OpenCVE

The pam_fscrypt module in fscrypt before 0.2.4 may incorrectly restore primary and supplementary group IDs to the values associated with the root user, which allows attackers to gain privileges via a successful login through certain applications that use Linux-PAM (aka pam).

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Medium

Authentication Single

Confidentiality Impact None

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:M/Au:S/C:N/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Google	Fscrypt

Configuration 1 [-]

cpe:2.3:a:google:fscrypt:*:*:*:*:*:*:*:*

References

Link	Resource
https://github.com/google/fscrypt/commit/3022c1603d968c22f147b4a2c49c4637dd1be91b	Patch Third Party Advisory
https://github.com/google/fscrypt/commit/315f9b042237200174a1fb99427f74027e191d66	Patch Third Party Advisory
https://github.com/google/fscrypt/issues/77	Issue Tracking Third Party Advisory
https://launchpad.net/bugs/1787548	Issue Tracking Patch Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: canonical

Published: 2018-08-23T00:00:00

Updated: 2018-08-23T19:57:01

Reserved: 2018-02-02T00:00:00

Link: CVE-2018-6558

JSON object: View

NVD Information

Status : Analyzed

Published: 2018-08-23T19:29:01.127

Modified: 2019-10-03T00:03:26.223

Link: CVE-2018-6558

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-noinfo

{"containers": {"cna": {"affected": [{"product": "fscrypt", "vendor": "The fscrypt Project", "versions": [{"status": "affected", "version": "before 0.2.4"}]}], "datePublic": "2018-08-23T00:00:00", "descriptions": [{"lang": "en", "value": "The pam_fscrypt module in fscrypt before 0.2.4 may incorrectly restore primary and supplementary group IDs to the values associated with the root user, which allows attackers to gain privileges via a successful login through certain applications that use Linux-PAM (aka pam)."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-08-23T19:57:01", "orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "shortName": "canonical"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://github.com/google/fscrypt/issues/77"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/google/fscrypt/commit/3022c1603d968c22f147b4a2c49c4637dd1be91b"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/google/fscrypt/commit/315f9b042237200174a1fb99427f74027e191d66"}, {"tags": ["x_refsource_MISC"], "url": "https://launchpad.net/bugs/1787548"}], "source": {"discovery": "UNKNOWN"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@ubuntu.com", "DATE_PUBLIC": "2018-08-23T17:00:00.000Z", "ID": "CVE-2018-6558", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "fscrypt", "version": {"version_data": [{"version_value": "before 0.2.4"}]}}]}, "vendor_name": "The fscrypt Project"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The pam_fscrypt module in fscrypt before 0.2.4 may incorrectly restore primary and supplementary group IDs to the values associated with the root user, which allows attackers to gain privileges via a successful login through certain applications that use Linux-PAM (aka pam)."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://github.com/google/fscrypt/issues/77", "refsource": "MISC", "url": "https://github.com/google/fscrypt/issues/77"}, {"name": "https://github.com/google/fscrypt/commit/3022c1603d968c22f147b4a2c49c4637dd1be91b", "refsource": "MISC", "url": "https://github.com/google/fscrypt/commit/3022c1603d968c22f147b4a2c49c4637dd1be91b"}, {"name": "https://github.com/google/fscrypt/commit/315f9b042237200174a1fb99427f74027e191d66", "refsource": "MISC", "url": "https://github.com/google/fscrypt/commit/315f9b042237200174a1fb99427f74027e191d66"}, {"name": "https://launchpad.net/bugs/1787548", "refsource": "MISC", "url": "https://launchpad.net/bugs/1787548"}]}, "source": {"discovery": "UNKNOWN"}}}}, "cveMetadata": {"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "assignerShortName": "canonical", "cveId": "CVE-2018-6558", "datePublished": "2018-08-23T00:00:00", "dateReserved": "2018-02-02T00:00:00", "dateUpdated": "2018-08-23T19:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:google:fscrypt:*:*:*:*:*:*:*:*", "matchCriteriaId": "80891EB5-205B-4BB3-8BEA-589FD0B5CDB3", "versionEndExcluding": "0.2.4", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The pam_fscrypt module in fscrypt before 0.2.4 may incorrectly restore primary and supplementary group IDs to the values associated with the root user, which allows attackers to gain privileges via a successful login through certain applications that use Linux-PAM (aka pam)."}, {"lang": "es", "value": "El m\u00f3dulo pam_fscrypt en fscrypt en versiones anteriores a la 0.2.4 podr\u00eda restaurar incorrectamente los ID de los grupos primarios y suplementarios a los valores asociados con el usuario root, lo que permite que los atacantes obtengan privilegios mediante un inicio de sesi\u00f3n con \u00e9xito a trav\u00e9s de determinadas aplicaciones que utilicen Linux-PAM (tambi\u00e9n conocido como pam)."}], "id": "CVE-2018-6558", "lastModified": "2019-10-03T00:03:26.223", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 4.9, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-08-23T19:29:01.127", "references": [{"source": "security@ubuntu.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/google/fscrypt/commit/3022c1603d968c22f147b4a2c49c4637dd1be91b"}, {"source": "security@ubuntu.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/google/fscrypt/commit/315f9b042237200174a1fb99427f74027e191d66"}, {"source": "security@ubuntu.com", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://github.com/google/fscrypt/issues/77"}, {"source": "security@ubuntu.com", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://launchpad.net/bugs/1787548"}], "sourceIdentifier": "security@ubuntu.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}