{"containers": {"cna": {"affected": [{"platforms": ["Ubuntu 18.04 LTS"], "product": "cups", "vendor": "n/a", "versions": [{"lessThan": "2.2.7-1ubuntu2.1", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"platforms": ["Ubuntu 17.10"], "product": "cups", "vendor": "n/a", "versions": [{"lessThan": "2.2.4-7ubuntu3.1", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"platforms": ["Ubuntu 16.04 LTS"], "product": "cups", "vendor": "n/a", "versions": [{"lessThan": "2.1.3-4ubuntu0.5", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"platforms": ["Ubuntu 14.04 LTS"], "product": "cups", "vendor": "n/a", "versions": [{"lessThan": "1.7.2-0ubuntu1.10", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "Dan Bastone"}], "datePublic": "2018-07-11T00:00:00", "descriptions": [{"lang": "en", "value": "The CUPS AppArmor profile incorrectly confined the dnssd backend due to use of hard links. A local attacker could possibly use this issue to escape confinement. This flaw affects versions prior to 2.2.7-1ubuntu2.1 in Ubuntu 18.04 LTS, prior to 2.2.4-7ubuntu3.1 in Ubuntu 17.10, prior to 2.1.3-4ubuntu0.5 in Ubuntu 16.04 LTS, and prior to 1.7.2-0ubuntu1.10 in Ubuntu 14.04 LTS."}], "problemTypes": [{"descriptions": [{"description": "Escape from sandbox confinement", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-08-15T17:06:09", "orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "shortName": "canonical"}, "references": [{"name": "USN-3713-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/usn/usn-3713-1"}, {"name": "DSA-4243", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "https://www.debian.org/security/2018/dsa-4243"}, {"name": "[debian-lts-announce] 20180714 [SECURITY] [DLA 1426-1] cups security update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00014.html"}, {"name": "GLSA-201908-08", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/201908-08"}], "source": {"advisory": "USN-3713-1", "discovery": "EXTERNAL"}, "title": "AppArmor cupsd Sandbox Bypass Due to Use of Hard Links", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@ubuntu.com", "DATE_PUBLIC": "2018-07-11T16:00:00.000Z", "ID": "CVE-2018-6553", "STATE": "PUBLIC", "TITLE": "AppArmor cupsd Sandbox Bypass Due to Use of Hard Links"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "cups", "version": {"version_data": [{"affected": "<", "platform": "Ubuntu 18.04 LTS", "version_affected": "<", "version_value": "2.2.7-1ubuntu2.1"}, {"affected": "<", "platform": "Ubuntu 17.10", "version_affected": "<", "version_value": "2.2.4-7ubuntu3.1"}, {"affected": "<", "platform": "Ubuntu 16.04 LTS", "version_affected": "<", "version_value": "2.1.3-4ubuntu0.5"}, {"affected": "<", "platform": "Ubuntu 14.04 LTS", "version_affected": "<", "version_value": "1.7.2-0ubuntu1.10"}]}}]}, "vendor_name": "n/a"}]}}, "credit": [{"lang": "eng", "value": "Dan Bastone"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The CUPS AppArmor profile incorrectly confined the dnssd backend due to use of hard links. A local attacker could possibly use this issue to escape confinement. This flaw affects versions prior to 2.2.7-1ubuntu2.1 in Ubuntu 18.04 LTS, prior to 2.2.4-7ubuntu3.1 in Ubuntu 17.10, prior to 2.1.3-4ubuntu0.5 in Ubuntu 16.04 LTS, and prior to 1.7.2-0ubuntu1.10 in Ubuntu 14.04 LTS."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Escape from sandbox confinement"}]}]}, "references": {"reference_data": [{"name": "USN-3713-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/usn/usn-3713-1"}, {"name": "DSA-4243", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2018/dsa-4243"}, {"name": "[debian-lts-announce] 20180714 [SECURITY] [DLA 1426-1] cups security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00014.html"}, {"name": "GLSA-201908-08", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201908-08"}]}, "source": {"advisory": "USN-3713-1", "discovery": "EXTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T06:10:10.156Z"}, "title": "CVE Program Container", "references": [{"name": "USN-3713-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/usn/usn-3713-1"}, {"name": "DSA-4243", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "https://www.debian.org/security/2018/dsa-4243"}, {"name": "[debian-lts-announce] 20180714 [SECURITY] [DLA 1426-1] cups security update", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00014.html"}, {"name": "GLSA-201908-08", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "https://security.gentoo.org/glsa/201908-08"}]}]}, "cveMetadata": {"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "assignerShortName": "canonical", "cveId": "CVE-2018-6553", "datePublished": "2018-08-10T15:00:00Z", "dateReserved": "2018-02-02T00:00:00", "dateUpdated": "2024-09-16T19:51:16.287Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cups:cups:-:*:*:*:*:*:*:*", "matchCriteriaId": "142786EC-681F-4F31-BC2C-EEFB9D32D953", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "matchCriteriaId": "9070C9D8-A14A-467F-8253-33B966C16886", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The CUPS AppArmor profile incorrectly confined the dnssd backend due to use of hard links. A local attacker could possibly use this issue to escape confinement. This flaw affects versions prior to 2.2.7-1ubuntu2.1 in Ubuntu 18.04 LTS, prior to 2.2.4-7ubuntu3.1 in Ubuntu 17.10, prior to 2.1.3-4ubuntu0.5 in Ubuntu 16.04 LTS, and prior to 1.7.2-0ubuntu1.10 in Ubuntu 14.04 LTS."}, {"lang": "es", "value": "El perfil CUPS AppArmor confin\u00f3 incorrectamente la puerta trasera dnssd debido al uso de enlaces f\u00edsicos. Un atacante local podr\u00eda emplear este problema para escapar del confinamiento. Este error afecta a las versiones anteriores a la 2.2.7-1ubuntu2.1 en Ubuntu 18.04 LTS, versiones anteriores a la 2.2.4-7ubuntu3.1 en Ubuntu 17.10, versiones anteriores a la 2.1.3-4ubuntu0.5 en Ubuntu 16.04 LTS y versiones anteriores a la 1.7.2-0ubuntu1.10 en Ubuntu 14.04 LTS."}], "id": "CVE-2018-6553", "lastModified": "2024-11-21T04:10:53.550", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 2.0, "impactScore": 6.0, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-08-10T15:29:01.187", "references": [{"source": "security@ubuntu.com", "tags": ["Issue Tracking", "Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00014.html"}, {"source": "security@ubuntu.com", "url": "https://security.gentoo.org/glsa/201908-08"}, {"source": "security@ubuntu.com", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/usn/usn-3713-1"}, {"source": "security@ubuntu.com", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2018/dsa-4243"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00014.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/201908-08"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/usn/usn-3713-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2018/dsa-4243"}], "sourceIdentifier": "security@ubuntu.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "cups: AppArmor cupsd Sandbox Bypass Due to Use of Hard Links", "id": "1607285", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1607285"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.0", "cvss3_scoring_vector": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "status": "draft"}, "cwe": "CWE-270", "details": ["The CUPS AppArmor profile incorrectly confined the dnssd backend due to use of hard links. A local attacker could possibly use this issue to escape confinement. This flaw affects versions prior to 2.2.7-1ubuntu2.1 in Ubuntu 18.04 LTS, prior to 2.2.4-7ubuntu3.1 in Ubuntu 17.10, prior to 2.1.3-4ubuntu0.5 in Ubuntu 16.04 LTS, and prior to 1.7.2-0ubuntu1.10 in Ubuntu 14.04 LTS.", "An AppArmor sandbox bypass has been discovered in cups due to the use of hard links which are not covered by the AppArmor profile. An attacker could use the hard link, if it exists, to execute the referenced backend without sandbox restrictions."], "name": "CVE-2018-6553", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "cups", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "cups", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "cups", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "cups", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:rhev_hypervisor:4", "fix_state": "Not affected", "package_name": "cups", "product_name": "Red Hat Virtualization 4"}], "public_date": "2018-05-09T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2018-6553\nhttps://nvd.nist.gov/vuln/detail/CVE-2018-6553"], "statement": "This issue did not affect the versions of cups as shipped with Red Hat Enterprise Linux as they did not include support for AppArmor.", "threat_severity": "Important"}