Vulnerability CVE-2019-12449

Vulnerability Name:

CVE-2019-12449 (CCN-161793)

Assigned:

2019-05-24

Published:

2019-05-24

Updated:

2020-08-24

Summary:

An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gvfsbackendadmin.c mishandles a file's user and group ownership during move (and copy with G_FILE_COPY_ALL_METADATA) operations from admin:// to file:// URIs, because root privileges are unavailable.

CVSS v3 Severity:

5.7 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N)
5.0 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): Low User Interaction (UI): Required
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): None Availibility (A): None

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
4.6 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): Low Availibility (A): None

4.8 Medium (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N)
4.2 Medium (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): High Privileges Required (PR): Low User Interaction (UI): Required
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): None Availibility (A): None

CVSS v2 Severity:

3.5 Low (CVSS v2 Vector: AV:N/AC:M/Au:S/C:P/I:N/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): Partial Integrity (I): None Availibility (A): None

5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): None

Vulnerability Type:

CWE-755
CWE-282

Vulnerability Consequences:

Bypass Security

References:

Source: MITRE
Type: CNA
CVE-2019-12449

Source: SUSE
Type: Third Party Advisory
openSUSE-SU-2019:1699

Source: SUSE
Type: Third Party Advisory
openSUSE-SU-2019:1697

Source: MLIST
Type: Mailing List, Third Party Advisory
[oss-security] 20190709 Privileged File Access from Desktop Applications

Source: XF
Type: UNKNOWN
gnome-gvfs-cve201912449-weak-security(161793)

Source: MISC
Type: Patch, Vendor Advisory
https://gitlab.gnome.org/GNOME/gvfs/commit/409619412e11be146a31b9a99ed965925f1aabb8

Source: CCN
Type: GNOME GIT Repository
admin: Ensure correct ownership when moving to file:// uri

Source: FEDORA
Type: Third Party Advisory
FEDORA-2019-e6b02af8b8

Source: FEDORA
Type: Third Party Advisory
FEDORA-2019-6ed5523cc0

Source: UBUNTU
Type: Third Party Advisory
USN-4053-1

Vulnerable Configuration:

Configuration 1:

cpe:/a:gnome:gvfs:*:*:*:*:*:*:*:* (Version >= 1.29.4 and <= 1.41.2)

Configuration 2:

cpe:/o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*

OR cpe:/o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*

OR cpe:/o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*

OR cpe:/o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*

OR cpe:/o:fedoraproject:fedora:29:*:*:*:*:*:*:*

OR cpe:/o:fedoraproject:fedora:30:*:*:*:*:*:*:*

OR cpe:/o:opensuse:leap:15.0:*:*:*:*:*:*:*

OR cpe:/o:opensuse:leap:15.1:*:*:*:*:*:*:*

Configuration RedHat 1:

cpe:/a:redhat:enterprise_linux:8:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/a:redhat:enterprise_linux:8::appstream:*:*:*:*:*

Configuration RedHat 3:

cpe:/a:redhat:enterprise_linux:8::crb:*:*:*:*:*

Configuration RedHat 4:

cpe:/o:redhat:enterprise_linux:8:*:*:*:*:*:*:*

Configuration RedHat 5:

cpe:/o:redhat:enterprise_linux:8::baseos:*:*:*:*:*

Configuration CCN 1:

cpe:/a:gnome:gvfs:1.29.4:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:201912449	V	CVE-2019-12449	2023-06-22
oval:org.opensuse.security:def:7901	P	gvfs-1.48.2-150400.4.6.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:3283	P	libwavpack1-4.60.99-5.3.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3484	P	evince-3.20.2-6.27.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3472	P	dhcp-4.3.3-10.16.4 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:94913	P	gvfs-1.48.1-150400.2.17 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:1668	P	Security update for libslirp (Important)	2022-05-18
oval:org.opensuse.security:def:94024	P	(Important)	2022-05-16
oval:org.opensuse.security:def:1197	P	Security update for openssl-1_1 (Important)	2022-03-16
oval:org.opensuse.security:def:100737	P	(Moderate)	2022-01-20
oval:org.opensuse.security:def:112385	P	gvfs-1.48.1-1.3 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:69955	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:1553	P	Security update for the Linux Kernel (Important)	2021-11-09
oval:org.opensuse.security:def:105896	P	gvfs-1.48.1-1.3 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:2142	P	python3-pywbem-0.11.0-2.21 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:2137	P	nginx-1.14.0-4.24 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:2132	P	libvirglrenderer0-0.6.0-2.30 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:2115	P	freeradius-server-3.0.16-3.3.1 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:2109	P	bind-9.11.2-12.8.1 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:2107	P	apache2-mod_security2-2.9.2-1.34 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:2144	P	rarpd-s20161105-6.10 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:2010	P	pam-modules-12.1-3.17 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:2005	P	libicu60_2-60.2-3.9.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:2001	P	gv-3.7.4-1.41 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:63382	P	uuidd-2.36.2-2.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:2044	P	terraform-provider-helm-1.3.2-6.3.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:71863	P	libXext-devel-1.3.3-1.30 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:72476	P	gvfs-1.42.2-4.24 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:71968	P	libthai-data-0.1.27-1.16 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:72084	P	unixODBC-2.3.6-3.2.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:101163	P	gvfs-1.42.2-4.24 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62337	P	tboot-20170711_1.9.8-15.9.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62757	P	gvfs-1.42.2-4.24 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62336	P	tar-1.30-3.6.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:63018	P	jython-2.2.1-11.65 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62816	P	libtag-devel-1.11.1-4.9.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62360	P	yast2-multipath-4.2.1-1.74 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:65294	P	Security update for caribou (Important)	2021-07-20
oval:org.opensuse.security:def:51917	P	Security update for cryptctl (Important)	2021-06-23
oval:org.opensuse.security:def:48533	P	libpcsclite1-1.8.10-3.4 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48517	P	libldb1-1.1.26-10.4 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48604	P	python-2.7.9-24.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48944	P	libqt4-sql-mysql-32bit-4.8.7-8.8.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48746	P	libssh4-0.6.3-8.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48621	P	sblim-sfcb-1.4.8-8.2 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48605	P	python-cupshelpers-1.5.7-7.5 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48516	P	libldap-2_4-2-2.4.41-18.25.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48856	P	libid3tag0-0.15.1b-182.58 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48658	P	yast2-core-3.1.23-6.38 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:51139	P	Security update for xen (Important)	2021-04-20
oval:org.opensuse.security:def:51165	P	Security update for java-1_7_1-ibm (Important)	2021-02-18
oval:org.opensuse.security:def:68510	P	Security update for postgresql, postgresql13 (Moderate)	2021-01-20
oval:org.opensuse.security:def:74271	P	Security update for PackageKit (Low)	2020-12-22
oval:org.opensuse.security:def:66704	P	Security update for slurm_17_11 (Important)	2020-12-18
oval:org.opensuse.security:def:73395	P	Security update for openssl-1_1 (Important)	2020-12-09
oval:org.opensuse.security:def:51855	P	Security update for postgresql12 (Important)	2020-12-04
oval:org.opensuse.security:def:2027	P	kernel-devel-azure-4.12.14-5.47.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:2021	P	rmt-server-pubcloud-1.2.2-1.15 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:1999	P	reiserfs-kmp-default-5.3.18-22.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:2019	P	aws-cli-1.16.61-6.22 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:107403	P	gvfs-1.42.2-4.24 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:71747	P	xen-libs-4.13.1_02-1.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:2056	P	cyrus-sasl-sqlauxprop-2.1.26-3.41 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:2087	P	python3-pywbem-0.11.0-2.21 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:2098	P	subversion-server-1.10.0-1.24 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:2093	P	skopeo-0.1.26-2.39 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:2089	P	rarpd-s20161105-6.10 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62642	P	gvfs-1.42.2-4.24 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:116961	P	gvfs-1.42.2-4.24 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:63156	P	libapr-util1-dbd-mysql-1.6.1-2.41 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62537	P	libSoundTouch0-1.8.0-3.11.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:48997	P	icu-52.1-8.7.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:2054	P	apache2-mod_security2-2.9.2-1.34 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:72361	P	gvfs-1.42.2-4.24 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:2049	P	389-ds-1.4.0.3-2.39 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:2704	P	Security update for gvfs (Important)	2020-12-02
oval:org.opensuse.security:def:2694	P	Security update for vim (Important)	2020-12-02
oval:org.opensuse.security:def:2792	P	Security update for gvfs (Important)	2020-12-02
oval:org.opensuse.security:def:2832	P	Security update for vim (Moderate)	2020-12-02
oval:org.opensuse.security:def:2824	P	Security update for MozillaFirefox (Important)	2020-12-02
oval:org.opensuse.security:def:2782	P	Security update for vim (Important)	2020-12-02
oval:org.opensuse.security:def:2818	P	Security update for bluez (Moderate)	2020-12-02
oval:org.opensuse.security:def:2794	P	Security update for ImageMagick (Moderate)	2020-12-02
oval:org.opensuse.security:def:2785	P	Security update for netpbm (Moderate)	2020-12-02
oval:org.opensuse.security:def:2743	P	Security update for webkit2gtk3 (Moderate)	2020-12-02
oval:org.opensuse.security:def:2779	P	Security update for bluez (Moderate)	2020-12-02
oval:org.opensuse.security:def:2765	P	Security update for python (Important)	2020-12-02
oval:org.opensuse.security:def:2753	P	Security update for tiff (Moderate)	2020-12-02
oval:org.opensuse.security:def:2834	P	Security update for MozillaFirefox (Important)	2020-12-02
oval:org.opensuse.security:def:2747	P	Security update for libqt5-qtsvg (Moderate)	2020-12-02
oval:org.opensuse.security:def:49728	P	bsdtar on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49720	P	vorbis-tools on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:68407	P	Security update for apache-commons-httpclient (Important)	2020-12-01
oval:org.opensuse.security:def:49653	P	libXrandr2-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49584	P	libvpx-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49564	P	libndp-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:68731	P	Security update for gvfs (Important)	2020-12-01
oval:org.opensuse.security:def:49333	P	spectre-meltdown-checker on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49179	P	libjavascriptcoregtk-4_0-18 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49785	P	guile on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49085	P	ecryptfs-utils on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:65073	P	Security update for java-11-openjdk (Moderate)	2020-12-01
oval:org.opensuse.security:def:49889	P	libncurses5-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:65384	P	Security update for gvfs (Important)	2020-12-01
oval:org.opensuse.security:def:49816	P	apache-pdfbox on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50410	P	Security update for dbus-1 (Important)	2020-12-01
oval:org.opensuse.security:def:68628	P	Security update for ncurses (Moderate)	2020-12-01
oval:org.opensuse.security:def:50340	P	Security update for openssh (Moderate)	2020-12-01
oval:org.opensuse.security:def:51077	P	Security update for wireshark (Moderate)	2020-12-01
oval:org.opensuse.security:def:50250	P	libwpd-0_10-10 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:70060	P	gvfs on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50012	P	librelp-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:51227	P	Security update for gvfs (Important)	2020-12-01
oval:org.opensuse.security:def:49855	P	perl-Config-IniFiles on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50475	P	Security update for dhcp (Moderate)	2020-12-01
oval:org.opensuse.security:def:49260	P	libwscodecs1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49757	P	perl-PerlMagick on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49611	P	accountsservice on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49406	P	gdm on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50579	P	Security update for python (Important)	2020-12-01
oval:org.opensuse.security:def:49279	P	nfs-client on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50506	P	Security update for clamav (Moderate)	2020-12-01
oval:org.opensuse.security:def:49261	P	libxcb-composite0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:64051	P	Security update for MozillaFirefox (Moderate)	2020-12-01
oval:org.opensuse.security:def:63949	P	Security update for ucode-intel (Moderate)	2020-12-01
oval:org.opensuse.security:def:63843	P	Security update for LibVNCServer (Critical)	2020-12-01
oval:org.opensuse.security:def:73277	P	pam_yubico on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:63709	P	Security update for postgresql10 (Moderate)	2020-12-01
oval:org.opensuse.security:def:64093	P	Security update for apache-commons-httpclient (Important)	2020-12-01
oval:org.opensuse.security:def:49632	P	gnome-shell on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:66612	P	python3-requests on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49565	P	libnetpbm-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49476	P	libyaml-cpp0_6 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:74145	P	Security update for apache2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:49245	P	libtidy5 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:64205	P	aaa_base on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49638	P	gvfs on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49091	P	file on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49697	P	libsrtp2-1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49801	P	perl-Mail-SpamAssassin-Plugin-iXhash2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:65163	P	Security update for gvfs (Important)	2020-12-01
oval:com.redhat.rhsa:def:20201766	P	RHSA-2020:1766: GNOME security, bug fix, and enhancement update (Moderate)	2020-04-28
oval:org.opensuse.security:def:109895	P	Security update for gvfs (Important)	2019-07-07
oval:org.opensuse.security:def:90511	P	Security update for gvfs (Important)	2019-07-01
oval:org.opensuse.security:def:97715	P	Security update for gvfs (Important)	2019-07-01
oval:org.opensuse.security:def:90750	P	Security update for gvfs (Important)	2019-07-01
oval:org.opensuse.security:def:104166	P	Security update for gvfs (Important)	2019-07-01
oval:org.opensuse.security:def:104405	P	Security update for gvfs (Important)	2019-07-01
oval:org.opensuse.security:def:97476	P	Security update for gvfs (Important)	2019-07-01
oval:com.ubuntu.cosmic:def:2019124490000000	V	CVE-2019-12449 on Ubuntu 18.10 (cosmic) - medium.	2019-05-29
oval:com.ubuntu.disco:def:2019124490000000	V	CVE-2019-12449 on Ubuntu 19.04 (disco) - medium.	2019-05-29
oval:com.ubuntu.bionic:def:2019124490000000	V	CVE-2019-12449 on Ubuntu 18.04 LTS (bionic) - medium.	2019-05-29
oval:com.ubuntu.xenial:def:2019124490000000	V	CVE-2019-12449 on Ubuntu 16.04 LTS (xenial) - medium.	2019-05-29

BACK