Vulnerability CVE-2018-19046

Vulnerability Name:

CVE-2018-19046 (CCN-152795)

Assigned:

2018-11-08

Published:

2018-11-08

Updated:

2019-03-13

Summary:

keepalived 2.0.8 didn't check for existing plain files when writing data to a temporary file upon a call to PrintData or PrintStats. If a local attacker had previously created a file with the expected name (e.g., /tmp/keepalived.data or /tmp/keepalived.stats), with read access for the attacker and write access for the keepalived process, then this potentially leaked sensitive information.

CVSS v3 Severity:

4.7 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N)
4.1 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): High Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): None Availibility (A): None

4.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
3.5 Low (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): None Availibility (A): None

CVSS v2 Severity:

1.9 Low (CVSS v2 Vector: AV:L/AC:M/Au:N/C:P/I:N/A:N)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): None Availibility (A): None

2.1 Low (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): None Availibility (A): None

Vulnerability Type:

CWE-200

Vulnerability Consequences:

Obtain Information

References:

Source: MITRE
Type: CNA
CVE-2018-19046

Source: CCN
Type: keepalived Web site
keepalived

Source: CCN
Type: Bugzilla Bug 1015141
(CVE-2018-19044) VUL-0: CVE-2018-19044,CVE-2018-19045,CVE-2018-19046, CVE-2018-19115: keepalived: dbus support in keepalived

Source: MISC
Type: Issue Tracking, Third Party Advisory
https://bugzilla.suse.com/show_bug.cgi?id=1015141

Source: XF
Type: UNKNOWN
keepalived-cve201819046-info-disc(152795)

Source: MISC
Type: Patch, Third Party Advisory
https://github.com/acassen/keepalived/issues/1048

Source: GENTOO
Type: Third Party Advisory
GLSA-201903-01

Vulnerable Configuration:

Configuration 1:

cpe:/a:keepalived:keepalived:2.0.8:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:keepalived:keepalived:2.0.8:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:201819046	V	CVE-2018-19046	2022-06-30
oval:org.opensuse.security:def:112504	P	keepalived-2.2.2-4.2 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:4238	P	Security update for ImageMagick (Moderate)	2021-12-10
oval:org.opensuse.security:def:4225	P	Security update for libqt5-qtsvg (Moderate)	2021-10-12
oval:org.opensuse.security:def:105997	P	keepalived-2.2.2-4.2 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:5122	P	Security update for hivex (Moderate)	2021-09-23
oval:org.opensuse.security:def:4280	P	Security update for crmsh (Important)	2021-09-16
oval:org.opensuse.security:def:4217	P	Security update for wireshark (Moderate)	2021-09-13
oval:org.opensuse.security:def:5100	P	Security update for mysql-connector-java (Moderate)	2021-08-30
oval:org.opensuse.security:def:4454	P	Security update for the Linux Kernel (Live Patch 16 for SLE 12 SP5) (Important)	2021-07-27
oval:org.opensuse.security:def:4462	P	Security update for the Linux Kernel (Live Patch 8 for SLE 12 SP5) (Important)	2021-07-27
oval:org.opensuse.security:def:4458	P	Security update for the Linux Kernel (Live Patch 12 for SLE 12 SP5) (Important)	2021-07-27
oval:org.opensuse.security:def:4447	P	Security update for the Linux Kernel (Live Patch 13 for SLE 12 SP5) (Important)	2021-07-22
oval:org.opensuse.security:def:69490	P	Security update for caribou (Important)	2021-06-17
oval:org.opensuse.security:def:4421	P	Security update for the Linux Kernel (Live Patch 5 for SLE 12 SP5) (Important)	2021-05-25
oval:org.opensuse.security:def:4401	P	Security update for the Linux Kernel (Live Patch 11 for SLE 12 SP5) (Important)	2021-04-28
oval:org.opensuse.security:def:69595	P	Security update for python-Jinja2 (Important)	2021-02-26
oval:org.opensuse.security:def:4312	P	Security update for the Linux Kernel (Important)	2020-12-02
oval:org.opensuse.security:def:4340	P	Security update for the Linux Kernel (Live Patch 16 for SLE 15) (Important)	2020-12-02
oval:org.opensuse.security:def:4324	P	Security update for the Linux Kernel (Live Patch 16 for SLE 15) (Important)	2020-12-02
oval:org.opensuse.security:def:25407	P	Security update for samba (Important)	2020-12-01
oval:org.opensuse.security:def:72948	P	Security update for keepalived (Important)	2020-12-01
oval:org.opensuse.security:def:25756	P	Security update for python, python-base, python-doc (Moderate)	2020-12-01
oval:org.opensuse.security:def:25610	P	Security update for libxml2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:24994	P	Security update for python3 (Important)	2020-12-01
oval:org.opensuse.security:def:25185	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:26429	P	Security update for keepalived (Moderate)	2020-12-01
oval:org.opensuse.security:def:25323	P	Security update for libproxy (Important)	2020-12-01
oval:org.opensuse.security:def:66167	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:25712	P	Security update for python36 (Moderate)	2020-12-01
oval:org.opensuse.security:def:25557	P	Security update for transfig (Low)	2020-12-01
oval:org.opensuse.security:def:24983	P	Security update for spamassassin (Important)	2020-12-01
oval:org.opensuse.security:def:72830	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:25058	P	Security update for gdb (Moderate)	2020-12-01
oval:org.opensuse.security:def:25266	P	Security update for python3 (Moderate)	2020-12-01
oval:org.opensuse.security:def:66259	P	Security update for keepalived (Important)	2020-12-01
oval:org.opensuse.security:def:26394	P	Security update for chromium (Moderate)	2020-12-01
oval:org.opensuse.security:def:25698	P	Security update for dpdk (Moderate)	2020-12-01
oval:org.opensuse.security:def:91866	P	Security update for keepalived (Important)	2020-03-24
oval:org.opensuse.security:def:98816	P	Security update for keepalived (Important)	2020-03-24
oval:com.ubuntu.xenial:def:2018190460000000	V	CVE-2018-19046 on Ubuntu 16.04 LTS (xenial) - low.	2018-11-08
oval:com.ubuntu.bionic:def:201819046000	V	CVE-2018-19046 on Ubuntu 18.04 LTS (bionic) - low.	2018-11-08
oval:com.ubuntu.disco:def:2018190460000000	V	CVE-2018-19046 on Ubuntu 19.04 (disco) - low.	2018-11-08
oval:com.ubuntu.cosmic:def:201819046000	V	CVE-2018-19046 on Ubuntu 18.10 (cosmic) - low.	2018-11-08
oval:com.ubuntu.cosmic:def:2018190460000000	V	CVE-2018-19046 on Ubuntu 18.10 (cosmic) - low.	2018-11-08
oval:com.ubuntu.trusty:def:201819046000	V	CVE-2018-19046 on Ubuntu 14.04 LTS (trusty) - low.	2018-11-08
oval:com.ubuntu.bionic:def:2018190460000000	V	CVE-2018-19046 on Ubuntu 18.04 LTS (bionic) - low.	2018-11-08
oval:com.ubuntu.xenial:def:201819046000	V	CVE-2018-19046 on Ubuntu 16.04 LTS (xenial) - low.	2018-11-08

BACK