Vulnerability Change Records for CVE-2018-13405

Change History

CVE Modified by MITRE 1/10/2019 6:29:02 AM

Action Type Old Value New Value
Added Reference
http://www.securityfocus.com/bid/106503 [No Types Assigned]

Initial Analysis 8/28/2018 11:11:51 AM

Action Type Old Value New Value
Added CPE Configuration
OR
     *cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
     *cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
     *cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
     *cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
     *cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
Added CPE Configuration
OR
     *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions up to (including) 4.17.4
Added CVSS V2
(AV:L/AC:L/Au:N/C:P/I:P/A:P)
Added CVSS V3
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Added CWE
CWE-264
Changed Reference Type
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0fa3ecd87848c9c93c2c828ef4c3a8ca36ce46c7 No Types Assigned
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0fa3ecd87848c9c93c2c828ef4c3a8ca36ce46c7 Patch, Vendor Advisory
Changed Reference Type
http://openwall.com/lists/oss-security/2018/07/13/2 No Types Assigned
http://openwall.com/lists/oss-security/2018/07/13/2 Mailing List, Patch, Third Party Advisory
Changed Reference Type
https://github.com/torvalds/linux/commit/0fa3ecd87848c9c93c2c828ef4c3a8ca36ce46c7 No Types Assigned
https://github.com/torvalds/linux/commit/0fa3ecd87848c9c93c2c828ef4c3a8ca36ce46c7 Patch, Third Party Advisory
Changed Reference Type
https://lists.debian.org/debian-lts-announce/2018/08/msg00014.html No Types Assigned
https://lists.debian.org/debian-lts-announce/2018/08/msg00014.html Third Party Advisory
Changed Reference Type
https://twitter.com/grsecurity/status/1015082951204327425 No Types Assigned
https://twitter.com/grsecurity/status/1015082951204327425 Third Party Advisory
Changed Reference Type
https://usn.ubuntu.com/3752-1/ No Types Assigned
https://usn.ubuntu.com/3752-1/ Third Party Advisory
Changed Reference Type
https://usn.ubuntu.com/3752-2/ No Types Assigned
https://usn.ubuntu.com/3752-2/ Third Party Advisory
Changed Reference Type
https://usn.ubuntu.com/3753-1/ No Types Assigned
https://usn.ubuntu.com/3753-1/ Third Party Advisory
Changed Reference Type
https://usn.ubuntu.com/3753-2/ No Types Assigned
https://usn.ubuntu.com/3753-2/ Third Party Advisory
Changed Reference Type
https://usn.ubuntu.com/3754-1/ No Types Assigned
https://usn.ubuntu.com/3754-1/ Third Party Advisory
Changed Reference Type
https://www.debian.org/security/2018/dsa-4266 No Types Assigned
https://www.debian.org/security/2018/dsa-4266 Third Party Advisory
Changed Reference Type
https://www.exploit-db.com/exploits/45033/ No Types Assigned
https://www.exploit-db.com/exploits/45033/ Exploit, Third Party Advisory, VDB Entry

CVE Modified by MITRE 9/11/2019 7:15:10 AM

Action Type Old Value New Value
Added Reference
https://access.redhat.com/errata/RHSA-2019:2730 [No Types Assigned]

CVE Modified by MITRE 12/10/2019 11:15:10 AM

Action Type Old Value New Value
Added Reference
https://access.redhat.com/errata/RHSA-2019:4159 [No Types Assigned]
Added Reference
https://access.redhat.com/errata/RHSA-2019:4164 [No Types Assigned]

CVE Modified by MITRE 7/16/2018 9:29:04 PM

Action Type Old Value New Value
Changed Description
The inode_init_owner function in fs/inode.c in the Linux kernel through 4.17.4 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. Here, the non-member can trigger creation of a plain file whose group ownership is that group. The intended behavior was that the non-member can trigger creation of a directory (but not a plain file) whose group ownership is that group.
The inode_init_owner function in fs/inode.c in the Linux kernel through 4.17.4 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. Here, the non-member can trigger creation of a plain file whose group ownership is that group. The intended behavior was that the non-member can trigger creation of a directory (but not a plain file) whose group ownership is that group. The non-member can escalate privileges by making the plain file executable and SGID.
Added Reference
http://openwall.com/lists/oss-security/2018/07/13/2 [No Types Assigned]

CVE Modified by MITRE 7/27/2018 9:29:09 PM

Action Type Old Value New Value
Added Reference
https://www.exploit-db.com/exploits/45033/ [No Types Assigned]

CVE Modified by MITRE 5/09/2019 2:29:02 PM

Action Type Old Value New Value
Added Reference
https://support.f5.com/csp/article/K00854051 [No Types Assigned]

CVE Modified by MITRE 8/24/2018 6:29:05 AM

Action Type Old Value New Value
Added Reference
https://usn.ubuntu.com/3752-1/ [No Types Assigned]
Added Reference
https://usn.ubuntu.com/3752-2/ [No Types Assigned]
Added Reference
https://usn.ubuntu.com/3753-1/ [No Types Assigned]
Added Reference
https://usn.ubuntu.com/3753-2/ [No Types Assigned]
Added Reference
https://usn.ubuntu.com/3754-1/ [No Types Assigned]

CVE Modified by MITRE 8/27/2019 11:15:10 AM

Action Type Old Value New Value
Added Reference
https://access.redhat.com/errata/RHSA-2019:2566 [No Types Assigned]

CVE Modified by MITRE 8/29/2018 6:29:04 AM

Action Type Old Value New Value
Added Reference
https://usn.ubuntu.com/3752-3/ [No Types Assigned]

CVE Modified by MITRE 8/07/2018 9:29:04 PM

Action Type Old Value New Value
Added Reference
https://www.debian.org/security/2018/dsa-4266 [No Types Assigned]

CVE Modified by MITRE 8/16/2018 6:29:01 AM

Action Type Old Value New Value
Added Reference
https://lists.debian.org/debian-lts-announce/2018/08/msg00014.html [No Types Assigned]

CWE Remap 10/02/2019 8:3:26 PM

Action Type Old Value New Value
Changed CWE
CWE-264
CWE-264
CWE-284
CWE-269

CVE Modified by MITRE 10/31/2018 6:31:00 AM

Action Type Old Value New Value
Added Reference
https://access.redhat.com/errata/RHSA-2018:2948 [No Types Assigned]
Added Reference
https://access.redhat.com/errata/RHSA-2018:3083 [No Types Assigned]
Added Reference
https://access.redhat.com/errata/RHSA-2018:3096 [No Types Assigned]

CVE Modified by MITRE 8/13/2019 4:15:10 PM

Action Type Old Value New Value
Added Reference
https://access.redhat.com/errata/RHSA-2019:2476 [No Types Assigned]

CVE Modified by MITRE 4/09/2019 12:29:00 PM

Action Type Old Value New Value
Added Reference
https://access.redhat.com/errata/RHSA-2019:0717 [No Types Assigned]

CVE Modified by MITRE 9/10/2019 2:15:10 PM

Action Type Old Value New Value
Added Reference
https://access.redhat.com/errata/RHSA-2019:2696 [No Types Assigned]