Vulnerability CVE-2019-12795

Vulnerability Name:

CVE-2019-12795 (CCN-162567)

Assigned:

2019-06-05

Published:

2019-06-05

Updated:

2020-08-24

Summary:

daemon/gvfsdaemon.c in gvfsd from GNOME gvfs before 1.38.3, 1.40.x before 1.40.2, and 1.41.x before 1.41.3 opened a private D-Bus server socket without configuring an authorization rule. A local attacker could connect to this server socket and issue D-Bus method calls. (Note that the server socket only accepts a single connection, so the attacker would have to discover the server and connect to the socket before its owner does.)

CVSS v3 Severity:

7.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
6.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

4.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
3.5 Low (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): Low Availibility (A): None

4.5 Medium (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L)
3.9 Low (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): High Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

4.6 Medium (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

2.1 Low (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): None

Vulnerability Type:

CWE-276
CWE-285

Vulnerability Consequences:

Bypass Security

References:

Source: MITRE
Type: CNA
CVE-2019-12795

Source: SUSE
Type: UNKNOWN
openSUSE-SU-2019:1699

Source: SUSE
Type: UNKNOWN
openSUSE-SU-2019:1697

Source: BID
Type: UNKNOWN
108741

Source: REDHAT
Type: UNKNOWN
RHSA-2019:3553

Source: XF
Type: UNKNOWN
gnome-cve201912795-sec-bypass(162567)

Source: CCN
Type: GNOME GIT Repository
gvfsdaemon: Check that the connecting client is the same user

Source: MISC
Type: Patch, Vendor Advisory
https://gitlab.gnome.org/GNOME/gvfs/commit/70dbfc68a79faac49bd3423e079cb6902522082a

Source: MISC
Type: Patch, Vendor Advisory
https://gitlab.gnome.org/GNOME/gvfs/commit/d8c9138bf240975848b1c54db648ec4cd516a48f

Source: MISC
Type: Patch, Vendor Advisory
https://gitlab.gnome.org/GNOME/gvfs/commit/e3808a1b4042761055b1d975333a8243d67b8bfe

Source: MLIST
Type: UNKNOWN
[debian-lts-announce] 20190619 [SECURITY] [DLA 1827-1] gvfs security update

Source: FEDORA
Type: UNKNOWN
FEDORA-2019-e6b02af8b8

Source: FEDORA
Type: UNKNOWN
FEDORA-2019-6ed5523cc0

Source: UBUNTU
Type: UNKNOWN
USN-4053-1

Vulnerable Configuration:

Configuration 1:

cpe:/a:gnome:gvfs:*:*:*:*:*:*:*:* (Version < 1.38.3)

OR cpe:/a:gnome:gvfs:*:*:*:*:*:*:*:* (Version >= 1.40.0 and < 1.40.2)

OR cpe:/a:gnome:gvfs:*:*:*:*:*:*:*:* (Version >= 1.41.0 and < 1.41.3)

Configuration RedHat 1:

cpe:/a:redhat:enterprise_linux:8:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/a:redhat:enterprise_linux:8::appstream:*:*:*:*:*

Configuration RedHat 3:

cpe:/a:redhat:enterprise_linux:8::crb:*:*:*:*:*

Configuration RedHat 4:

cpe:/o:redhat:enterprise_linux:8:*:*:*:*:*:*:*

Configuration RedHat 5:

cpe:/o:redhat:enterprise_linux:8::baseos:*:*:*:*:*

Configuration CCN 1:

cpe:/a:gnome:gvfs:1.41.2:*:*:*:*:*:*:*

OR cpe:/a:gnome:gvfs:1.38.2:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:201912795	V	CVE-2019-12795	2022-08-07
oval:org.opensuse.security:def:3283	P	gvfs-1.48.1-150400.2.17 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:94913	P	gvfs-1.48.1-150400.2.17 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:3484	P	libapr-util1-dbd-mysql-1.6.1-18.2.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:3472	P	dhcp-relay-4.3.6.P1-6.11.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:1668	P	Security update for libslirp (Important)	2022-05-18
oval:org.opensuse.security:def:94024	P	(Important)	2022-05-16
oval:org.opensuse.security:def:1197	P	Security update for openssl-1_1 (Important)	2022-03-16
oval:org.opensuse.security:def:100737	P	(Moderate)	2022-01-20
oval:org.opensuse.security:def:112385	P	gvfs-1.48.1-1.3 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:69955	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:1553	P	Security update for the Linux Kernel (Important)	2021-11-09
oval:org.opensuse.security:def:105896	P	gvfs-1.48.1-1.3 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:2142	P	python3-pywbem-0.11.0-2.21 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:2137	P	nginx-1.14.0-4.24 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:2132	P	libvirglrenderer0-0.6.0-2.30 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:2115	P	freeradius-server-3.0.16-3.3.1 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:2109	P	bind-9.11.2-12.8.1 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:2107	P	apache2-mod_security2-2.9.2-1.34 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:2144	P	rarpd-s20161105-6.10 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:2010	P	pam-modules-12.1-3.17 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:2005	P	libicu60_2-60.2-3.9.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:2001	P	gv-3.7.4-1.41 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:63382	P	uuidd-2.36.2-2.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:2044	P	terraform-provider-helm-1.3.2-6.3.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:71863	P	libXext-devel-1.3.3-1.30 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:72476	P	gvfs-1.42.2-4.24 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:71968	P	libthai-data-0.1.27-1.16 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:72084	P	unixODBC-2.3.6-3.2.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:101163	P	gvfs-1.42.2-4.24 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62337	P	tboot-20170711_1.9.8-15.9.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62757	P	gvfs-1.42.2-4.24 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62336	P	tar-1.30-3.6.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:63018	P	jython-2.2.1-11.65 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62816	P	libtag-devel-1.11.1-4.9.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62360	P	yast2-multipath-4.2.1-1.74 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:65294	P	Security update for caribou (Important)	2021-07-20
oval:org.opensuse.security:def:51917	P	Security update for cryptctl (Important)	2021-06-23
oval:org.opensuse.security:def:48533	P	libpcsclite1-1.8.10-3.4 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48517	P	libldb1-1.1.26-10.4 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48604	P	python-2.7.9-24.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48944	P	libqt4-sql-mysql-32bit-4.8.7-8.8.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48746	P	libssh4-0.6.3-8.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48621	P	sblim-sfcb-1.4.8-8.2 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48605	P	python-cupshelpers-1.5.7-7.5 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48516	P	libldap-2_4-2-2.4.41-18.25.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48856	P	libid3tag0-0.15.1b-182.58 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48658	P	yast2-core-3.1.23-6.38 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:51139	P	Security update for xen (Important)	2021-04-20
oval:org.opensuse.security:def:51165	P	Security update for java-1_7_1-ibm (Important)	2021-02-18
oval:org.opensuse.security:def:68510	P	Security update for postgresql, postgresql13 (Moderate)	2021-01-20
oval:org.opensuse.security:def:74271	P	Security update for PackageKit (Low)	2020-12-22
oval:org.opensuse.security:def:66704	P	Security update for slurm_17_11 (Important)	2020-12-18
oval:org.opensuse.security:def:73395	P	Security update for openssl-1_1 (Important)	2020-12-09
oval:org.opensuse.security:def:51855	P	Security update for postgresql12 (Important)	2020-12-04
oval:org.opensuse.security:def:2027	P	kernel-devel-azure-4.12.14-5.47.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:2021	P	rmt-server-pubcloud-1.2.2-1.15 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:1999	P	reiserfs-kmp-default-5.3.18-22.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:2019	P	aws-cli-1.16.61-6.22 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:107403	P	gvfs-1.42.2-4.24 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:71747	P	xen-libs-4.13.1_02-1.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:2056	P	cyrus-sasl-sqlauxprop-2.1.26-3.41 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:2087	P	python3-pywbem-0.11.0-2.21 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:2098	P	subversion-server-1.10.0-1.24 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:2093	P	skopeo-0.1.26-2.39 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:2089	P	rarpd-s20161105-6.10 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62642	P	gvfs-1.42.2-4.24 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:63156	P	libapr-util1-dbd-mysql-1.6.1-2.41 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62537	P	libSoundTouch0-1.8.0-3.11.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:48997	P	icu-52.1-8.7.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:2054	P	apache2-mod_security2-2.9.2-1.34 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:72361	P	gvfs-1.42.2-4.24 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:2049	P	389-ds-1.4.0.3-2.39 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:2704	P	Security update for gvfs (Important)	2020-12-02
oval:org.opensuse.security:def:2694	P	Security update for vim (Important)	2020-12-02
oval:org.opensuse.security:def:2792	P	Security update for gvfs (Important)	2020-12-02
oval:org.opensuse.security:def:2832	P	Security update for vim (Moderate)	2020-12-02
oval:org.opensuse.security:def:2824	P	Security update for MozillaFirefox (Important)	2020-12-02
oval:org.opensuse.security:def:2782	P	Security update for vim (Important)	2020-12-02
oval:org.opensuse.security:def:2818	P	Security update for bluez (Moderate)	2020-12-02
oval:org.opensuse.security:def:2794	P	Security update for ImageMagick (Moderate)	2020-12-02
oval:org.opensuse.security:def:2785	P	Security update for netpbm (Moderate)	2020-12-02
oval:org.opensuse.security:def:2743	P	Security update for webkit2gtk3 (Moderate)	2020-12-02
oval:org.opensuse.security:def:2779	P	Security update for bluez (Moderate)	2020-12-02
oval:org.opensuse.security:def:2765	P	Security update for python (Important)	2020-12-02
oval:org.opensuse.security:def:2753	P	Security update for tiff (Moderate)	2020-12-02
oval:org.opensuse.security:def:2834	P	Security update for MozillaFirefox (Important)	2020-12-02
oval:org.opensuse.security:def:2747	P	Security update for libqt5-qtsvg (Moderate)	2020-12-02
oval:org.opensuse.security:def:49728	P	bsdtar on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49720	P	vorbis-tools on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:68407	P	Security update for apache-commons-httpclient (Important)	2020-12-01
oval:org.opensuse.security:def:49653	P	libXrandr2-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49584	P	libvpx-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49564	P	libndp-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:68731	P	Security update for gvfs (Important)	2020-12-01
oval:org.opensuse.security:def:49333	P	spectre-meltdown-checker on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49179	P	libjavascriptcoregtk-4_0-18 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49785	P	guile on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49085	P	ecryptfs-utils on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:65073	P	Security update for java-11-openjdk (Moderate)	2020-12-01
oval:org.opensuse.security:def:49889	P	libncurses5-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:65384	P	Security update for gvfs (Important)	2020-12-01
oval:org.opensuse.security:def:49816	P	apache-pdfbox on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50410	P	Security update for dbus-1 (Important)	2020-12-01
oval:org.opensuse.security:def:68628	P	Security update for ncurses (Moderate)	2020-12-01
oval:org.opensuse.security:def:50340	P	Security update for openssh (Moderate)	2020-12-01
oval:org.opensuse.security:def:51077	P	Security update for wireshark (Moderate)	2020-12-01
oval:org.opensuse.security:def:50250	P	libwpd-0_10-10 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:70060	P	gvfs on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50012	P	librelp-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:51227	P	Security update for gvfs (Important)	2020-12-01
oval:org.opensuse.security:def:49855	P	perl-Config-IniFiles on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50475	P	Security update for dhcp (Moderate)	2020-12-01
oval:org.opensuse.security:def:49260	P	libwscodecs1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49757	P	perl-PerlMagick on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49611	P	accountsservice on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49406	P	gdm on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50579	P	Security update for python (Important)	2020-12-01
oval:org.opensuse.security:def:49279	P	nfs-client on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50506	P	Security update for clamav (Moderate)	2020-12-01
oval:org.opensuse.security:def:49261	P	libxcb-composite0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:64051	P	Security update for MozillaFirefox (Moderate)	2020-12-01
oval:org.opensuse.security:def:63949	P	Security update for ucode-intel (Moderate)	2020-12-01
oval:org.opensuse.security:def:63843	P	Security update for LibVNCServer (Critical)	2020-12-01
oval:org.opensuse.security:def:73277	P	pam_yubico on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:63709	P	Security update for postgresql10 (Moderate)	2020-12-01
oval:org.opensuse.security:def:64093	P	Security update for apache-commons-httpclient (Important)	2020-12-01
oval:org.opensuse.security:def:49632	P	gnome-shell on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:66612	P	python3-requests on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49565	P	libnetpbm-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49476	P	libyaml-cpp0_6 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:74145	P	Security update for apache2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:49245	P	libtidy5 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:64205	P	aaa_base on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49638	P	gvfs on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49091	P	file on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49697	P	libsrtp2-1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49801	P	perl-Mail-SpamAssassin-Plugin-iXhash2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:65163	P	Security update for gvfs (Important)	2020-12-01
oval:com.redhat.rhsa:def:20193553	P	RHSA-2019:3553: GNOME security, bug fix, and enhancement update (Low)	2019-11-05
oval:org.opensuse.security:def:109895	P	Security update for gvfs (Important)	2019-07-07
oval:org.opensuse.security:def:90511	P	Security update for gvfs (Important)	2019-07-01
oval:org.opensuse.security:def:97715	P	Security update for gvfs (Important)	2019-07-01
oval:org.opensuse.security:def:90750	P	Security update for gvfs (Important)	2019-07-01
oval:org.opensuse.security:def:104166	P	Security update for gvfs (Important)	2019-07-01
oval:org.opensuse.security:def:104405	P	Security update for gvfs (Important)	2019-07-01
oval:org.opensuse.security:def:97476	P	Security update for gvfs (Important)	2019-07-01
oval:com.ubuntu.cosmic:def:2019127950000000	V	CVE-2019-12795 on Ubuntu 18.10 (cosmic) - medium.	2019-06-11
oval:com.ubuntu.disco:def:2019127950000000	V	CVE-2019-12795 on Ubuntu 19.04 (disco) - medium.	2019-06-11
oval:com.ubuntu.bionic:def:2019127950000000	V	CVE-2019-12795 on Ubuntu 18.04 LTS (bionic) - medium.	2019-06-11
oval:com.ubuntu.xenial:def:2019127950000000	V	CVE-2019-12795 on Ubuntu 16.04 LTS (xenial) - medium.	2019-06-11

BACK