Alpaquita LinuxStreamSecurity Advisory
Search Cve

CVE-2018-14348

Published: August 14, 2018Last modified: November 9, 2023

Description

libcgroup up to and including 0.41 creates /var/log/cgred with mode 0666 regardless of the configured umask, leading to disclosure of information.

Severity score breakdown

ParameterValue
Base score8.1
Attack VectorNETWORK
Attack complexityLOW
Privileges requiredLOW
User interactionNONE
ScopeUNCHANGED
ConfidentialityHIGH
Integrity impactHIGH
Availability impactNONE
VectorCVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Status

ProductReleasePackageStatus
Alpaquita Linux23 LTSlibcgroupNot affected (3.0.0-r0)
StreamlibcgroupNot affected (3.0.0-r1)

References

ON THIS PAGE