CVE-2018-6558 - OpenCVE

The pam_fscrypt module in fscrypt before 0.2.4 may incorrectly restore primary and supplementary group IDs to the values associated with the root user, which allows attackers to gain privileges via a successful login through certain applications that use Linux-PAM (aka pam).

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Medium

Authentication Single

Confidentiality Impact None

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:M/Au:S/C:N/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Google	Fscrypt

Configuration 1 [-]

cpe:2.3:a:google:fscrypt:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://github.com/google/fscrypt/commit/3022c1603d968c22f147b4a2c49c4637dd1be91b
https://github.com/google/fscrypt/commit/315f9b042237200174a1fb99427f74027e191d66
https://github.com/google/fscrypt/issues/77
https://launchpad.net/bugs/1787548

History

No history.

MITRE

Status: PUBLISHED

Assigner: canonical

Published: 2018-08-23T20:00:00Z

Updated: 2024-09-17T02:06:50.219Z

Reserved: 2018-02-02T00:00:00

Link: CVE-2018-6558

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2018-08-23T19:29:01.127

Modified: 2019-10-03T00:03:26.223

Link: CVE-2018-6558

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "fscrypt", "vendor": "The fscrypt Project", "versions": [{"status": "affected", "version": "before 0.2.4"}]}], "datePublic": "2018-08-23T00:00:00", "descriptions": [{"lang": "en", "value": "The pam_fscrypt module in fscrypt before 0.2.4 may incorrectly restore primary and supplementary group IDs to the values associated with the root user, which allows attackers to gain privileges via a successful login through certain applications that use Linux-PAM (aka pam)."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-08-23T19:57:01", "orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "shortName": "canonical"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://github.com/google/fscrypt/issues/77"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/google/fscrypt/commit/3022c1603d968c22f147b4a2c49c4637dd1be91b"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/google/fscrypt/commit/315f9b042237200174a1fb99427f74027e191d66"}, {"tags": ["x_refsource_MISC"], "url": "https://launchpad.net/bugs/1787548"}], "source": {"discovery": "UNKNOWN"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@ubuntu.com", "DATE_PUBLIC": "2018-08-23T17:00:00.000Z", "ID": "CVE-2018-6558", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "fscrypt", "version": {"version_data": [{"version_value": "before 0.2.4"}]}}]}, "vendor_name": "The fscrypt Project"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The pam_fscrypt module in fscrypt before 0.2.4 may incorrectly restore primary and supplementary group IDs to the values associated with the root user, which allows attackers to gain privileges via a successful login through certain applications that use Linux-PAM (aka pam)."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://github.com/google/fscrypt/issues/77", "refsource": "MISC", "url": "https://github.com/google/fscrypt/issues/77"}, {"name": "https://github.com/google/fscrypt/commit/3022c1603d968c22f147b4a2c49c4637dd1be91b", "refsource": "MISC", "url": "https://github.com/google/fscrypt/commit/3022c1603d968c22f147b4a2c49c4637dd1be91b"}, {"name": "https://github.com/google/fscrypt/commit/315f9b042237200174a1fb99427f74027e191d66", "refsource": "MISC", "url": "https://github.com/google/fscrypt/commit/315f9b042237200174a1fb99427f74027e191d66"}, {"name": "https://launchpad.net/bugs/1787548", "refsource": "MISC", "url": "https://launchpad.net/bugs/1787548"}]}, "source": {"discovery": "UNKNOWN"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T06:10:10.031Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/google/fscrypt/issues/77"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/google/fscrypt/commit/3022c1603d968c22f147b4a2c49c4637dd1be91b"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/google/fscrypt/commit/315f9b042237200174a1fb99427f74027e191d66"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://launchpad.net/bugs/1787548"}]}]}, "cveMetadata": {"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "assignerShortName": "canonical", "cveId": "CVE-2018-6558", "datePublished": "2018-08-23T20:00:00Z", "dateReserved": "2018-02-02T00:00:00", "dateUpdated": "2024-09-17T02:06:50.219Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:google:fscrypt:*:*:*:*:*:*:*:*", "matchCriteriaId": "80891EB5-205B-4BB3-8BEA-589FD0B5CDB3", "versionEndExcluding": "0.2.4", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The pam_fscrypt module in fscrypt before 0.2.4 may incorrectly restore primary and supplementary group IDs to the values associated with the root user, which allows attackers to gain privileges via a successful login through certain applications that use Linux-PAM (aka pam)."}, {"lang": "es", "value": "El m\u00f3dulo pam_fscrypt en fscrypt en versiones anteriores a la 0.2.4 podr\u00eda restaurar incorrectamente los ID de los grupos primarios y suplementarios a los valores asociados con el usuario root, lo que permite que los atacantes obtengan privilegios mediante un inicio de sesi\u00f3n con \u00e9xito a trav\u00e9s de determinadas aplicaciones que utilicen Linux-PAM (tambi\u00e9n conocido como pam)."}], "id": "CVE-2018-6558", "lastModified": "2019-10-03T00:03:26.223", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 4.9, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-08-23T19:29:01.127", "references": [{"source": "security@ubuntu.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/google/fscrypt/commit/3022c1603d968c22f147b4a2c49c4637dd1be91b"}, {"source": "security@ubuntu.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/google/fscrypt/commit/315f9b042237200174a1fb99427f74027e191d66"}, {"source": "security@ubuntu.com", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://github.com/google/fscrypt/issues/77"}, {"source": "security@ubuntu.com", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://launchpad.net/bugs/1787548"}], "sourceIdentifier": "security@ubuntu.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}