| Vulnerability Name: | CVE-2018-10361 (CCN-142385) | ||||||||||||||||||||||||||||||||||||||||||||
| Assigned: | 2018-04-24 | ||||||||||||||||||||||||||||||||||||||||||||
| Published: | 2018-04-24 | ||||||||||||||||||||||||||||||||||||||||||||
| Updated: | 2019-10-03 | ||||||||||||||||||||||||||||||||||||||||||||
| Summary: | An issue was discovered in KTextEditor 5.34.0 through 5.45.0. Insecure handling of temporary files in the KTextEditor's kauth_ktexteditor_helper service (as utilized in the Kate text editor) can allow other unprivileged users on the local system to gain root privileges. The attack occurs when one user (who has an unprivileged account but is also able to authenticate as root) writes a text file using Kate into a directory owned by a another unprivileged user. The latter unprivileged user conducts a symlink attack to achieve privilege escalation. | ||||||||||||||||||||||||||||||||||||||||||||
| CVSS v3 Severity: | 7.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) 6.9 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:R)
7.4 High (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:R)
| ||||||||||||||||||||||||||||||||||||||||||||
| CVSS v2 Severity: | 7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
| ||||||||||||||||||||||||||||||||||||||||||||
| Vulnerability Type: | CWE-668 | ||||||||||||||||||||||||||||||||||||||||||||
| Vulnerability Consequences: | Gain Privileges | ||||||||||||||||||||||||||||||||||||||||||||
| References: | Source: MITRE Type: CNA CVE-2018-10361 Source: CCN Type: oss-sec Mailing List, Tue, 24 Apr 2018 13:11:09 +0200 ktexteditor / Kate local privilege escalation Source: CCN Type: oss-sec Mailing List, Wed, 25 Apr 2018 10:57:01 +0200 Re: ktexteditor / Kate local privilege escalation (CVE-2018-10361) Source: MISC Type: Mailing List, Third Party Advisory http://www.openwall.com/lists/oss-security/2018/04/24/1 Source: MLIST Type: UNKNOWN [oss-security] 20190709 Privileged File Access from Desktop Applications Source: CCN Type: KTextEditor Web site KTextEditor Source: MISC Type: Issue Tracking, Third Party Advisory https://bugzilla.suse.com/show_bug.cgi?id=1033055 Source: XF Type: UNKNOWN ktexteditor-cve201810361-priv-esc(142385) Source: CCN Type: WhiteSource Vulnerability Database CVE-2018-10361 | ||||||||||||||||||||||||||||||||||||||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||||||||||||||||||||||||||||||||||||||
| Oval Definitions | |||||||||||||||||||||||||||||||||||||||||||||
| |||||||||||||||||||||||||||||||||||||||||||||
| BACK | |||||||||||||||||||||||||||||||||||||||||||||