Candidate: CVE-2018-19044
PublicDate: 2018-11-08 20:29:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19044
Description:
 keepalived 2.0.8 didn't check for pathnames with symlinks when writing
 data to a temporary file upon a call to PrintData or PrintStats. This
 allowed local users to overwrite arbitrary files if fs.protected_symlinks
 is set to 0, as demonstrated by a symlink from /tmp/keepalived.data or
 /tmp/keepalived.stats to /etc/passwd.
Ubuntu-Description:
Notes:
 mdeslaur> xenial and earlier don't have dbus support
Bugs:
 https://bugzilla.suse.com/show_bug.cgi?id=1015141
 https://github.com/acassen/keepalived/issues/1048
Priority: low
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N [4.7 MEDIUM]

Patches_keepalived:
 upstream: https://github.com/acassen/keepalived/commit/04f2d32871bb3b11d7dc024039952f2fe2750306
Tags_keepalived: symlink-restriction hardlink-restriction
upstream_keepalived: released (2.0.9)
precise/esm_keepalived: not-affected (code not present)
trusty_keepalived: not-affected (code not present)
trusty/esm_keepalived: not-affected (code not present)
xenial_keepalived: not-affected (code not present)
esm-infra/xenial_keepalived: not-affected (code not present)
bionic_keepalived: needed
cosmic_keepalived: ignored (reached end-of-life)
disco_keepalived: not-affected (1:2.0.10-1)
eoan_keepalived: not-affected (1:2.0.10-1)
focal_keepalived: not-affected (1:2.0.10-1)
groovy_keepalived: not-affected (1:2.0.10-1)
hirsute_keepalived: not-affected (1:2.0.10-1)
impish_keepalived: not-affected (1:2.0.10-1)
jammy_keepalived: not-affected (1:2.0.10-1)
devel_keepalived: not-affected (1:2.0.10-1)