CVE-2018-7738
 
Public Exploits: 0
Exploited in Wild: -
Descriptions
In util-linux before 2.32-rc1, bash-completion/umount allows local users to gain privileges by embedding shell commands in a mountpoint name, which is mishandled during a umount command (within Bash) by a different user, as demonstrated by logging in as root and entering umount followed by a tab character for autocompletion.
Timeline
- 2018-03-06 CVE Reserved
- 2018-03-06 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-05 CVE Updated
References (6)
URL | Tag | Date |
---|---|---|
http://www.securityfocus.com/bid/103367 | Third Party Advisory | |
https://github.com/karelzak/util-linux/issues/539 | Issue Tracking | |
https://bugs.debian.org/892179 | | 2020-09-25 |
https://github.com/karelzak/util-linux/commit/75f03badd7ed9f1dd951863d75e756883d3acc55 | | 2020-09-25 |
https://usn.ubuntu.com/4512-1 | | 2020-09-25 |
https://www.debian.org/security/2018/dsa-4134 | | 2020-09-25 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status |
---|---|---|---|---|
Kernel | Util-linux | <= 2.31 | - | Affected |