CVE-2020-14367

EPSS 0.26%
Published 24.08.2020 15:15:13
Last modified 21.11.2024 05:03:06
Source secalert@redhat.com
Teams watchlist Login
Open Login

A flaw was found in chrony versions before 3.5.1 when creating the PID file under the /var/run/chrony folder. The file is created during chronyd startup while still running as the root user, and when it's opened for writing, chronyd does not check for an existing symbolic link with the same file name. This flaw allows an attacker with privileged access to create a symlink with the default PID file name pointing to any destination file in the system, resulting in data loss and a denial of service due to the path traversal.

Affected products Warnungen 0 Metrics 3 CWE 1 References 7

Data is provided by the National Vulnerability Database (NVD)

Tuxfamily ≫ Chrony Version < 3.5.1

Fedoraproject ≫ Fedora Version32

Canonical ≫ Ubuntu Linux Version18.04 SwEditionlts

Canonical ≫ Ubuntu Linux Version20.04 SwEditionlts

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.26%	0.494

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6	0.8	5.2	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
nvd@nist.gov	3.6	3.9	4.9	AV:L/AC:L/Au:N/C:N/I:P/A:P

CWE-59 Improper Link Resolution Before File Access ('Link Following')

The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

https://bugzilla.redhat.com/show_bug.cgi?id=1870298

Patch

Vendor Advisory

Issue Tracking

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6WKABKNLCSC3MACCWU6OM2YGWVWFWFMU/

https://security.gentoo.org/glsa/202008-23

Third Party Advisory

https://usn.ubuntu.com/4475-1/

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2020-14367

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2020-14367

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2020-14367

EUVD