OpenRC opentmpfiles through 0.1.3, when the fs.protected_hardlinks sysctl is turned off, allows local users to obtain ownership of arbitrary files by creating a hard link inside a directory on which "chown -R" will be run.
CVSS 2.0
Severity: LOW
Problem Type: CWE-59,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| openr | opentmpfiles | * |
opentmpfiles through 0.3.1 allows local users to take ownership of arbitrary files because d entries are mishandled and allow a symlink attack.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N | 1.8 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-59,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| openr | opentmpfiles | * |