Bug 647796 (CVE-2018-6954) - <sys-apps/systemd-240: Mishandled symlinks in systemd-tmpfiles allows local users to obtain ownership of arbitrary files (CVE-2018-6954)
Status: RESOLVED FIXED
Alias: CVE-2018-6954
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: High major
Assignee: Gentoo Security
Whiteboard: B1 [noglsa cve]
Reported: 2018-02-16 00:38 UTC by GLSAMaker/CVETool Bot
Modified: 2020-10-27 01:44 UTC
Description GLSAMaker/CVETool Bot gentoo-dev 2018-02-16 00:38:38 UTC
CVE-2018-6954 (https://nvd.nist.gov/vuln/detail/CVE-2018-6954):
  systemd-tmpfiles in systemd through 237 mishandles symlinks present in
  non-terminal path components, which allows local users to obtain ownership
  of arbitrary files via vectors involving creation of a directory and a file
  under that directory, and later replacing that directory with a symlink.
  This occurs even if the fs.protected_symlinks sysctl is turned on.
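An added example, not part of the bug report and not systemd's code: one defensive pattern against the symlink-in-a-non-terminal-component problem described above is to resolve the path one component at a time relative to an already-open directory descriptor, with `O_NOFOLLOW` on every step, and then act on the resulting descriptor instead of the path. The names `open_beneath`, `UnsafePath` and `demo` are hypothetical, and the directory tree is constructed in a temporary directory.

```python
import errno
import os
import tempfile

class UnsafePath(Exception):
    """A component was a symlink, or not a directory where one was required."""

def open_beneath(root, relpath):
    """Open relpath under a trusted root without following any symlink."""
    parts = [p for p in relpath.split("/") if p not in ("", ".")]
    if not parts or ".." in parts:
        raise ValueError("need a non-empty path without '..'")
    fd = os.open(root, os.O_RDONLY | os.O_DIRECTORY | os.O_CLOEXEC)
    for i, name in enumerate(parts):
        flags = os.O_RDONLY | os.O_NOFOLLOW | os.O_CLOEXEC
        if i < len(parts) - 1:
            flags |= os.O_DIRECTORY  # non-terminal components must be real directories
        try:
            nxt = os.open(name, flags, dir_fd=fd)  # resolved relative to the parent fd
        except OSError as e:
            if e.errno in (errno.ELOOP, errno.ENOTDIR):
                raise UnsafePath(f"{name!r} in {relpath!r}") from e
            raise
        finally:
            os.close(fd)
        fd = nxt
    return fd  # operate on this fd (fstat/fchown), never on the path again

def demo():
    """Constructed scenario: 'd' is replaced by a symlink after 'd/f' was created."""
    with tempfile.TemporaryDirectory() as root:
        for sub in ("d", "victim"):
            os.makedirs(os.path.join(root, sub))
            with open(os.path.join(root, sub, "f"), "w") as fh:
                fh.write(sub)
        fd = open_beneath(root, "d/f")
        before = os.read(fd, 16)
        os.close(fd)
        os.remove(os.path.join(root, "d", "f"))
        os.rmdir(os.path.join(root, "d"))
        os.symlink("victim", os.path.join(root, "d"))  # the directory swap
        with open(os.path.join(root, "d", "f")) as fh:
            naive = fh.read()  # plain path lookup follows the symlink
        try:
            os.close(open_beneath(root, "d/f"))
            blocked = False
        except UnsafePath:
            blocked = True
        return before, naive, blocked
```

`demo()` shows that a plain path lookup of `d/f` lands in `victim/` after the swap, while the descriptor-relative walk refuses the path.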
Comment 1 Mike Gilbert gentoo-dev 2019-10-28 17:18:46 UTC
I believe this bug can be closed; the oldest version of systemd in Gentoo is 242.
Comment 2 Mike Gilbert gentoo-dev 2020-05-14 23:11:25 UTC
Why is this bug still open?
Comment 3 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2020-08-29 02:17:27 UTC
Looks like 240 was the last affected version at a quick look.
Comment 4 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2020-08-29 20:52:23 UTC
We already did a GLSA for a newer version, so no need for this older version: bug 708806.