OpenRC opentmpfiles through 0.1.3, when the fs.protected_hardlinks sysctl is turned off, allows local users to obtain ownership of arbitrary files by creating a hard link inside a directory on which "chown -R" will be run.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://github.com/OpenRC/opentmpfiles/issues/3 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2018-02-14T20:00:00Z
Updated: 2024-09-16T18:54:13.455Z
Reserved: 2018-02-14T00:00:00Z
Link: CVE-2017-18188
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2018-02-14T20:29:00.220
Modified: 2018-03-09T16:30:53.117
Link: CVE-2017-18188
Redhat
No data.