Link Following in systemd

Do your applications use this vulnerable package? Test your applications

Overview

systemd-tmpfiles in systemd before 237 attempts to support ownership/permission changes on hardlinked files even if the fs.protected_hardlinks sysctl is turned off, which allows local users to bypass intended access restrictions via vectors involving a hard link to a file for which the user lacks write access, as demonstrated by changing the ownership of the /etc/passwd file.

References

Debian Security Announcement
Debian Security Tracker
Exploit DB
GitHub Issue
MISC
OSS security Advisory
OSS security Advisory
OpenSuse Security Update

Attack Vector

Local
Attack Complexity

Low
Privileges Required

Low
User Interaction

None
Scope

Unchanged
Confidentiality

High
Integrity

High
Availability

High

CVE: CVE-2017-18078
CWE: CWE-59
Snyk ID: SNYK-DEBIAN9-SYSTEMD-305165
Disclosed: 29 Jan, 2018
Published: 29 Jan, 2018

Link Following
Affecting systemd package, versions *

Overview

References

CVSS Score

Link Following Affecting systemd package, versions *

Overview

References

Link Following
Affecting systemd package, versions *