cvelistv5 - cve-2014-4038

cve-2014-4038

Vulnerability from cvelistv5

Published

2014-06-17 15:00

Modified

2024-08-06 11:04

Severity ?

Summary

ppc64-diag 2.6.1 allows local users to overwrite arbitrary files via a symlink attack related to (1) rtas_errd/diag_support.c and /tmp/get_dt_files, (2) scripts/ppc64_diag_mkrsrc and /tmp/diagSEsnap/snapH.tar.gz, or (3) lpd/test/lpd_ela_test.sh and /var/tmp/ras.

References

URL	Tags
cve@mitre.org	http://lists.opensuse.org/opensuse-security-announce/2014-07/msg00018.html	Third Party Advisory
cve@mitre.org	http://openwall.com/lists/oss-security/2014/06/17/1	Mailing List, Third Party Advisory
cve@mitre.org	http://rhn.redhat.com/errata/RHSA-2015-0383.html	Third Party Advisory
cve@mitre.org	http://rhn.redhat.com/errata/RHSA-2015-1320.html	Third Party Advisory
cve@mitre.org	http://secunia.com/advisories/60616
cve@mitre.org	http://www.securityfocus.com/bid/68049
cve@mitre.org	https://bugzilla.novell.com/show_bug.cgi?id=882667	Issue Tracking
cve@mitre.org	https://bugzilla.redhat.com/show_bug.cgi?id=1109371	Issue Tracking
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2014-07/msg00018.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://openwall.com/lists/oss-security/2014/06/17/1	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2015-0383.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2015-1320.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/60616
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/68049
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.novell.com/show_bug.cgi?id=882667	Issue Tracking
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=1109371	Issue Tracking

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T11:04:28.166Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2015:1320",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1320.html"
          },
          {
            "name": "[oss-security] 20140617 Re: CVE request: multiple /tmp races in ppc64-diag",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2014/06/17/1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1109371"
          },
          {
            "name": "RHSA-2015:0383",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-0383.html"
          },
          {
            "name": "60616",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60616"
          },
          {
            "name": "SUSE-SU-2014:0928",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-07/msg00018.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.novell.com/show_bug.cgi?id=882667"
          },
          {
            "name": "68049",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/68049"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-06-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ppc64-diag 2.6.1 allows local users to overwrite arbitrary files via a symlink attack related to (1) rtas_errd/diag_support.c and /tmp/get_dt_files, (2) scripts/ppc64_diag_mkrsrc and /tmp/diagSEsnap/snapH.tar.gz, or (3) lpd/test/lpd_ela_test.sh and /var/tmp/ras."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-01-04T20:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "RHSA-2015:1320",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1320.html"
        },
        {
          "name": "[oss-security] 20140617 Re: CVE request: multiple /tmp races in ppc64-diag",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2014/06/17/1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1109371"
        },
        {
          "name": "RHSA-2015:0383",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-0383.html"
        },
        {
          "name": "60616",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60616"
        },
        {
          "name": "SUSE-SU-2014:0928",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-07/msg00018.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.novell.com/show_bug.cgi?id=882667"
        },
        {
          "name": "68049",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/68049"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-4038",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ppc64-diag 2.6.1 allows local users to overwrite arbitrary files via a symlink attack related to (1) rtas_errd/diag_support.c and /tmp/get_dt_files, (2) scripts/ppc64_diag_mkrsrc and /tmp/diagSEsnap/snapH.tar.gz, or (3) lpd/test/lpd_ela_test.sh and /var/tmp/ras."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "RHSA-2015:1320",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2015-1320.html"
            },
            {
              "name": "[oss-security] 20140617 Re: CVE request: multiple /tmp races in ppc64-diag",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2014/06/17/1"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1109371",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1109371"
            },
            {
              "name": "RHSA-2015:0383",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2015-0383.html"
            },
            {
              "name": "60616",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60616"
            },
            {
              "name": "SUSE-SU-2014:0928",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-07/msg00018.html"
            },
            {
              "name": "https://bugzilla.novell.com/show_bug.cgi?id=882667",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.novell.com/show_bug.cgi?id=882667"
            },
            {
              "name": "68049",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/68049"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-4038",
    "datePublished": "2014-06-17T15:00:00",
    "dateReserved": "2014-06-12T00:00:00",
    "dateUpdated": "2024-08-06T11:04:28.166Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:*:*:*\", \"matchCriteriaId\": \"8B072472-B463-4647-885D-E40B0115C810\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ppc64-diag_project:ppc64-diag:2.6.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EA9A0035-BBB9-4A30-AD10-E911E72178D5\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9BBCD86A-E6C7-4444-9D74-F861084090F0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"51EF4996-72F4-4FA4-814F-F5991E7A8318\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"ppc64-diag 2.6.1 allows local users to overwrite arbitrary files via a symlink attack related to (1) rtas_errd/diag_support.c and /tmp/get_dt_files, (2) scripts/ppc64_diag_mkrsrc and /tmp/diagSEsnap/snapH.tar.gz, or (3) lpd/test/lpd_ela_test.sh and /var/tmp/ras.\"}, {\"lang\": \"es\", \"value\": \"ppc64-diag 2.6.1 permite a usuarios locales sobrescribir archivos arbitrarios a trav\\u00e9s de un ataque de enlace simb\\u00f3lico relacionado con (1) rtas_errd/diag_support.c y /tmp/get_dt_files, (2) scripts/ppc64_diag_mkrsrc y /tmp/diagSEsnap/snapH.tar.gz o (3) lpd/test/lpd_ela_test.sh y /var/tmp/ras.\"}]",
      "id": "CVE-2014-4038",
      "lastModified": "2024-11-21T02:09:23.350",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:M/Au:N/C:P/I:P/A:P\", \"baseScore\": 4.4, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 3.4, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2014-06-17T15:55:06.177",
      "references": "[{\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2014-07/msg00018.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://openwall.com/lists/oss-security/2014/06/17/1\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2015-0383.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2015-1320.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/60616\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/68049\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://bugzilla.novell.com/show_bug.cgi?id=882667\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=1109371\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2014-07/msg00018.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://openwall.com/lists/oss-security/2014/06/17/1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2015-0383.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2015-1320.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/60616\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/68049\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://bugzilla.novell.com/show_bug.cgi?id=882667\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=1109371\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\"]}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-59\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2014-4038\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2014-06-17T15:55:06.177\",\"lastModified\":\"2024-11-21T02:09:23.350\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"ppc64-diag 2.6.1 allows local users to overwrite arbitrary files via a symlink attack related to (1) rtas_errd/diag_support.c and /tmp/get_dt_files, (2) scripts/ppc64_diag_mkrsrc and /tmp/diagSEsnap/snapH.tar.gz, or (3) lpd/test/lpd_ela_test.sh and /var/tmp/ras.\"},{\"lang\":\"es\",\"value\":\"ppc64-diag 2.6.1 permite a usuarios locales sobrescribir archivos arbitrarios a trav\u00e9s de un ataque de enlace simb\u00f3lico relacionado con (1) rtas_errd/diag_support.c y /tmp/get_dt_files, (2) scripts/ppc64_diag_mkrsrc y /tmp/diagSEsnap/snapH.tar.gz o (3) lpd/test/lpd_ela_test.sh y /var/tmp/ras.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":4.4,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.4,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-59\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B072472-B463-4647-885D-E40B0115C810\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ppc64-diag_project:ppc64-diag:2.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EA9A0035-BBB9-4A30-AD10-E911E72178D5\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9BBCD86A-E6C7-4444-9D74-F861084090F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"51EF4996-72F4-4FA4-814F-F5991E7A8318\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2014-07/msg00018.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://openwall.com/lists/oss-security/2014/06/17/1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-0383.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-1320.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/60616\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/68049\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://bugzilla.novell.com/show_bug.cgi?id=882667\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1109371\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2014-07/msg00018.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://openwall.com/lists/oss-security/2014/06/17/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-0383.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-1320.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/60616\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/68049\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://bugzilla.novell.com/show_bug.cgi?id=882667\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1109371\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]}]}}"
  }
}

cve-2014-4038

Vulnerability from fkie_nvd

Published

2014-06-17 15:55

Modified

2024-11-21 02:09

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://lists.opensuse.org/opensuse-security-announce/2014-07/msg00018.html	Third Party Advisory
cve@mitre.org	http://openwall.com/lists/oss-security/2014/06/17/1	Mailing List, Third Party Advisory
cve@mitre.org	http://rhn.redhat.com/errata/RHSA-2015-0383.html	Third Party Advisory
cve@mitre.org	http://rhn.redhat.com/errata/RHSA-2015-1320.html	Third Party Advisory
cve@mitre.org	http://secunia.com/advisories/60616
cve@mitre.org	http://www.securityfocus.com/bid/68049
cve@mitre.org	https://bugzilla.novell.com/show_bug.cgi?id=882667	Issue Tracking
cve@mitre.org	https://bugzilla.redhat.com/show_bug.cgi?id=1109371	Issue Tracking
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2014-07/msg00018.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://openwall.com/lists/oss-security/2014/06/17/1	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2015-0383.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2015-1320.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/60616
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/68049
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.novell.com/show_bug.cgi?id=882667	Issue Tracking
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=1109371	Issue Tracking

Impacted products

Vendor	Product	Version
suse	linux_enterprise_server	11
ppc64-diag_project	ppc64-diag	2.6.1
redhat	enterprise_linux_server	6.0
redhat	enterprise_linux_server	7.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "8B072472-B463-4647-885D-E40B0115C810",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ppc64-diag_project:ppc64-diag:2.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA9A0035-BBB9-4A30-AD10-E911E72178D5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "ppc64-diag 2.6.1 allows local users to overwrite arbitrary files via a symlink attack related to (1) rtas_errd/diag_support.c and /tmp/get_dt_files, (2) scripts/ppc64_diag_mkrsrc and /tmp/diagSEsnap/snapH.tar.gz, or (3) lpd/test/lpd_ela_test.sh and /var/tmp/ras."
    },
    {
      "lang": "es",
      "value": "ppc64-diag 2.6.1 permite a usuarios locales sobrescribir archivos arbitrarios a trav\u00e9s de un ataque de enlace simb\u00f3lico relacionado con (1) rtas_errd/diag_support.c y /tmp/get_dt_files, (2) scripts/ppc64_diag_mkrsrc y /tmp/diagSEsnap/snapH.tar.gz o (3) lpd/test/lpd_ela_test.sh y /var/tmp/ras."
    }
  ],
  "id": "CVE-2014-4038",
  "lastModified": "2024-11-21T02:09:23.350",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.4,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.4,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2014-06-17T15:55:06.177",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-07/msg00018.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://openwall.com/lists/oss-security/2014/06/17/1"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2015-0383.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2015-1320.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/60616"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/68049"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://bugzilla.novell.com/show_bug.cgi?id=882667"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1109371"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-07/msg00018.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://openwall.com/lists/oss-security/2014/06/17/1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2015-0383.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2015-1320.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/60616"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/68049"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://bugzilla.novell.com/show_bug.cgi?id=882667"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1109371"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-59"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

ghsa-8gvg-vxvq-qh2r

Vulnerability from github

Published

2022-05-17 03:05

Modified

2022-05-17 03:05

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2014-4038"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-59"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2014-06-17T15:55:00Z",
    "severity": "MODERATE"
  },
  "details": "ppc64-diag 2.6.1 allows local users to overwrite arbitrary files via a symlink attack related to (1) rtas_errd/diag_support.c and /tmp/get_dt_files, (2) scripts/ppc64_diag_mkrsrc and /tmp/diagSEsnap/snapH.tar.gz, or (3) lpd/test/lpd_ela_test.sh and /var/tmp/ras.",
  "id": "GHSA-8gvg-vxvq-qh2r",
  "modified": "2022-05-17T03:05:58Z",
  "published": "2022-05-17T03:05:58Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-4038"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.novell.com/show_bug.cgi?id=882667"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1109371"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-07/msg00018.html"
    },
    {
      "type": "WEB",
      "url": "http://openwall.com/lists/oss-security/2014/06/17/1"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2015-0383.html"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2015-1320.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/60616"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/68049"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

rhsa-2015:1320

Vulnerability from csaf_redhat

Published

2015-07-20 13:53

Modified

2024-11-22 08:24

Summary

Red Hat Security Advisory: ppc64-diag security, bug fix and enhancement update

Notes

Topic

Updated ppc64-diag packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

Details

The ppc64-diag packages provide diagnostic tools for Linux on the 64-bit PowerPC platforms. The platform diagnostics write events reported by the firmware to the service log, provide automated responses to urgent events, and notify system administrators or connected service frameworks about the reported events. Multiple insecure temporary file use flaws were found in the way the ppc64-diag utility created certain temporary files. A local attacker could possibly use either of these flaws to perform a symbolic link attack and overwrite arbitrary files with the privileges of the user running ppc64-diag, or obtain sensitive information from the temporary files. (CVE-2014-4038, CVE-2014-4039) The ppc64-diag packages have been upgraded to upstream version 2.6.7, which provides a number of bug fixes and enhancements over the previous version. (BZ#1148142) This update also fixes the following bugs: * Previously, the "explain_syslog" and "syslog_to_svclog" commands failed with a "No such file or directory" error message. With this update, the ppc64-diag package specifies the location of the message_catalog directory correctly, which prevents the described error from occurring. (BZ#1139655) * Prior to this update, the /var/lock/subsys/rtas_errd file was incorrectly labeled for SELinux as "system_u:object_r:var_lock_t:s0". This update corrects the SELinux label to "system_u:object_r:rtas_errd_var_lock_t:s0". (BZ#1131501) Users of ppc64-diag are advised to upgrade to these updated packages, which correct these issues and add these enhancements.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated ppc64-diag packages that fix two security issues, several bugs, and\nadd various enhancements are now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The ppc64-diag packages provide diagnostic tools for Linux on the 64-bit\nPowerPC platforms. The platform diagnostics write events reported by the\nfirmware to the service log, provide automated responses to urgent events,\nand notify system administrators or connected service frameworks about the\nreported events.\n\nMultiple insecure temporary file use flaws were found in the way the\nppc64-diag utility created certain temporary files. A local attacker could\npossibly use either of these flaws to perform a symbolic link attack and\noverwrite arbitrary files with the privileges of the user running\nppc64-diag, or obtain sensitive information from the temporary files.\n(CVE-2014-4038, CVE-2014-4039)\n\nThe ppc64-diag packages have been upgraded to upstream version 2.6.7, which\nprovides a number of bug fixes and enhancements over the previous version.\n(BZ#1148142)\n\nThis update also fixes the following bugs:\n\n* Previously, the \"explain_syslog\" and \"syslog_to_svclog\" commands failed\nwith a \"No such file or directory\" error message. With this update, the\nppc64-diag package specifies the location of the message_catalog directory\ncorrectly, which prevents the described error from occurring. (BZ#1139655)\n\n* Prior to this update, the /var/lock/subsys/rtas_errd file was incorrectly\nlabeled for SELinux as \"system_u:object_r:var_lock_t:s0\". This update\ncorrects the SELinux label to \"system_u:object_r:rtas_errd_var_lock_t:s0\".\n(BZ#1131501)\n\nUsers of ppc64-diag are advised to upgrade to these updated packages, which\ncorrect these issues and add these enhancements.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2015:1320",
        "url": "https://access.redhat.com/errata/RHSA-2015:1320"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "1109371",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1109371"
      },
      {
        "category": "external",
        "summary": "1131501",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1131501"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2015/rhsa-2015_1320.json"
      }
    ],
    "title": "Red Hat Security Advisory: ppc64-diag security, bug fix and enhancement update",
    "tracking": {
      "current_release_date": "2024-11-22T08:24:14+00:00",
      "generator": {
        "date": "2024-11-22T08:24:14+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.1"
        }
      },
      "id": "RHSA-2015:1320",
      "initial_release_date": "2015-07-20T13:53:17+00:00",
      "revision_history": [
        {
          "date": "2015-07-20T13:53:17+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2015-07-20T13:53:17+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-22T08:24:14+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Server (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux Server (v. 6)",
                  "product_id": "6Server",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::server"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ppc64-diag-0:2.6.7-4.el6.src",
                "product": {
                  "name": "ppc64-diag-0:2.6.7-4.el6.src",
                  "product_id": "ppc64-diag-0:2.6.7-4.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/ppc64-diag@2.6.7-4.el6?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ppc64-diag-debuginfo-0:2.6.7-4.el6.ppc64",
                "product": {
                  "name": "ppc64-diag-debuginfo-0:2.6.7-4.el6.ppc64",
                  "product_id": "ppc64-diag-debuginfo-0:2.6.7-4.el6.ppc64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/ppc64-diag-debuginfo@2.6.7-4.el6?arch=ppc64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ppc64-diag-0:2.6.7-4.el6.ppc64",
                "product": {
                  "name": "ppc64-diag-0:2.6.7-4.el6.ppc64",
                  "product_id": "ppc64-diag-0:2.6.7-4.el6.ppc64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/ppc64-diag@2.6.7-4.el6?arch=ppc64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ppc64-diag-0:2.6.7-4.el6.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server:ppc64-diag-0:2.6.7-4.el6.ppc64"
        },
        "product_reference": "ppc64-diag-0:2.6.7-4.el6.ppc64",
        "relates_to_product_reference": "6Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ppc64-diag-0:2.6.7-4.el6.src as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server:ppc64-diag-0:2.6.7-4.el6.src"
        },
        "product_reference": "ppc64-diag-0:2.6.7-4.el6.src",
        "relates_to_product_reference": "6Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ppc64-diag-debuginfo-0:2.6.7-4.el6.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server:ppc64-diag-debuginfo-0:2.6.7-4.el6.ppc64"
        },
        "product_reference": "ppc64-diag-debuginfo-0:2.6.7-4.el6.ppc64",
        "relates_to_product_reference": "6Server"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2014-4038",
      "cwe": {
        "id": "CWE-377",
        "name": "Insecure Temporary File"
      },
      "discovery_date": "2014-06-13T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1109371"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Multiple insecure temporary file use flaws were found in the way the ppc64-diag utility created certain temporary files. A local attacker could possibly use either of these flaws to perform a symbolic link attack and overwrite arbitrary files with the privileges of the user running ppc64-diag, or obtain sensitive information from the temporary files.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "ppc64-diag: multiple temporary file races",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server:ppc64-diag-0:2.6.7-4.el6.ppc64",
          "6Server:ppc64-diag-0:2.6.7-4.el6.src",
          "6Server:ppc64-diag-debuginfo-0:2.6.7-4.el6.ppc64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2014-4038"
        },
        {
          "category": "external",
          "summary": "RHBZ#1109371",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1109371"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2014-4038",
          "url": "https://www.cve.org/CVERecord?id=CVE-2014-4038"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-4038",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-4038"
        }
      ],
      "release_date": "2014-06-13T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2015-07-20T13:53:17+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server:ppc64-diag-0:2.6.7-4.el6.ppc64",
            "6Server:ppc64-diag-0:2.6.7-4.el6.src",
            "6Server:ppc64-diag-debuginfo-0:2.6.7-4.el6.ppc64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2015:1320"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.6,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "products": [
            "6Server:ppc64-diag-0:2.6.7-4.el6.ppc64",
            "6Server:ppc64-diag-0:2.6.7-4.el6.src",
            "6Server:ppc64-diag-debuginfo-0:2.6.7-4.el6.ppc64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "ppc64-diag: multiple temporary file races"
    },
    {
      "cve": "CVE-2014-4039",
      "cwe": {
        "id": "CWE-377",
        "name": "Insecure Temporary File"
      },
      "discovery_date": "2014-06-13T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1109371"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Multiple insecure temporary file use flaws were found in the way the ppc64-diag utility created certain temporary files. A local attacker could possibly use either of these flaws to perform a symbolic link attack and overwrite arbitrary files with the privileges of the user running ppc64-diag, or obtain sensitive information from the temporary files.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "ppc64-diag: multiple temporary file races",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server:ppc64-diag-0:2.6.7-4.el6.ppc64",
          "6Server:ppc64-diag-0:2.6.7-4.el6.src",
          "6Server:ppc64-diag-debuginfo-0:2.6.7-4.el6.ppc64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2014-4039"
        },
        {
          "category": "external",
          "summary": "RHBZ#1109371",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1109371"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2014-4039",
          "url": "https://www.cve.org/CVERecord?id=CVE-2014-4039"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-4039",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-4039"
        }
      ],
      "release_date": "2014-06-13T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2015-07-20T13:53:17+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server:ppc64-diag-0:2.6.7-4.el6.ppc64",
            "6Server:ppc64-diag-0:2.6.7-4.el6.src",
            "6Server:ppc64-diag-debuginfo-0:2.6.7-4.el6.ppc64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2015:1320"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.6,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "products": [
            "6Server:ppc64-diag-0:2.6.7-4.el6.ppc64",
            "6Server:ppc64-diag-0:2.6.7-4.el6.src",
            "6Server:ppc64-diag-debuginfo-0:2.6.7-4.el6.ppc64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "ppc64-diag: multiple temporary file races"
    }
  ]
}

RHSA-2015:1320

Vulnerability from csaf_redhat

Published

2015-07-20 13:53

Modified

2024-11-22 08:24

Summary

Red Hat Security Advisory: ppc64-diag security, bug fix and enhancement update

Notes

Topic

Details

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated ppc64-diag packages that fix two security issues, several bugs, and\nadd various enhancements are now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The ppc64-diag packages provide diagnostic tools for Linux on the 64-bit\nPowerPC platforms. The platform diagnostics write events reported by the\nfirmware to the service log, provide automated responses to urgent events,\nand notify system administrators or connected service frameworks about the\nreported events.\n\nMultiple insecure temporary file use flaws were found in the way the\nppc64-diag utility created certain temporary files. A local attacker could\npossibly use either of these flaws to perform a symbolic link attack and\noverwrite arbitrary files with the privileges of the user running\nppc64-diag, or obtain sensitive information from the temporary files.\n(CVE-2014-4038, CVE-2014-4039)\n\nThe ppc64-diag packages have been upgraded to upstream version 2.6.7, which\nprovides a number of bug fixes and enhancements over the previous version.\n(BZ#1148142)\n\nThis update also fixes the following bugs:\n\n* Previously, the \"explain_syslog\" and \"syslog_to_svclog\" commands failed\nwith a \"No such file or directory\" error message. With this update, the\nppc64-diag package specifies the location of the message_catalog directory\ncorrectly, which prevents the described error from occurring. (BZ#1139655)\n\n* Prior to this update, the /var/lock/subsys/rtas_errd file was incorrectly\nlabeled for SELinux as \"system_u:object_r:var_lock_t:s0\". This update\ncorrects the SELinux label to \"system_u:object_r:rtas_errd_var_lock_t:s0\".\n(BZ#1131501)\n\nUsers of ppc64-diag are advised to upgrade to these updated packages, which\ncorrect these issues and add these enhancements.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2015:1320",
        "url": "https://access.redhat.com/errata/RHSA-2015:1320"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "1109371",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1109371"
      },
      {
        "category": "external",
        "summary": "1131501",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1131501"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2015/rhsa-2015_1320.json"
      }
    ],
    "title": "Red Hat Security Advisory: ppc64-diag security, bug fix and enhancement update",
    "tracking": {
      "current_release_date": "2024-11-22T08:24:14+00:00",
      "generator": {
        "date": "2024-11-22T08:24:14+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.1"
        }
      },
      "id": "RHSA-2015:1320",
      "initial_release_date": "2015-07-20T13:53:17+00:00",
      "revision_history": [
        {
          "date": "2015-07-20T13:53:17+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2015-07-20T13:53:17+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-22T08:24:14+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Server (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux Server (v. 6)",
                  "product_id": "6Server",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::server"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ppc64-diag-0:2.6.7-4.el6.src",
                "product": {
                  "name": "ppc64-diag-0:2.6.7-4.el6.src",
                  "product_id": "ppc64-diag-0:2.6.7-4.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/ppc64-diag@2.6.7-4.el6?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ppc64-diag-debuginfo-0:2.6.7-4.el6.ppc64",
                "product": {
                  "name": "ppc64-diag-debuginfo-0:2.6.7-4.el6.ppc64",
                  "product_id": "ppc64-diag-debuginfo-0:2.6.7-4.el6.ppc64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/ppc64-diag-debuginfo@2.6.7-4.el6?arch=ppc64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ppc64-diag-0:2.6.7-4.el6.ppc64",
                "product": {
                  "name": "ppc64-diag-0:2.6.7-4.el6.ppc64",
                  "product_id": "ppc64-diag-0:2.6.7-4.el6.ppc64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/ppc64-diag@2.6.7-4.el6?arch=ppc64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ppc64-diag-0:2.6.7-4.el6.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server:ppc64-diag-0:2.6.7-4.el6.ppc64"
        },
        "product_reference": "ppc64-diag-0:2.6.7-4.el6.ppc64",
        "relates_to_product_reference": "6Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ppc64-diag-0:2.6.7-4.el6.src as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server:ppc64-diag-0:2.6.7-4.el6.src"
        },
        "product_reference": "ppc64-diag-0:2.6.7-4.el6.src",
        "relates_to_product_reference": "6Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ppc64-diag-debuginfo-0:2.6.7-4.el6.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server:ppc64-diag-debuginfo-0:2.6.7-4.el6.ppc64"
        },
        "product_reference": "ppc64-diag-debuginfo-0:2.6.7-4.el6.ppc64",
        "relates_to_product_reference": "6Server"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2014-4038",
      "cwe": {
        "id": "CWE-377",
        "name": "Insecure Temporary File"
      },
      "discovery_date": "2014-06-13T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1109371"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Multiple insecure temporary file use flaws were found in the way the ppc64-diag utility created certain temporary files. A local attacker could possibly use either of these flaws to perform a symbolic link attack and overwrite arbitrary files with the privileges of the user running ppc64-diag, or obtain sensitive information from the temporary files.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "ppc64-diag: multiple temporary file races",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server:ppc64-diag-0:2.6.7-4.el6.ppc64",
          "6Server:ppc64-diag-0:2.6.7-4.el6.src",
          "6Server:ppc64-diag-debuginfo-0:2.6.7-4.el6.ppc64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2014-4038"
        },
        {
          "category": "external",
          "summary": "RHBZ#1109371",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1109371"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2014-4038",
          "url": "https://www.cve.org/CVERecord?id=CVE-2014-4038"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-4038",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-4038"
        }
      ],
      "release_date": "2014-06-13T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2015-07-20T13:53:17+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server:ppc64-diag-0:2.6.7-4.el6.ppc64",
            "6Server:ppc64-diag-0:2.6.7-4.el6.src",
            "6Server:ppc64-diag-debuginfo-0:2.6.7-4.el6.ppc64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2015:1320"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.6,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "products": [
            "6Server:ppc64-diag-0:2.6.7-4.el6.ppc64",
            "6Server:ppc64-diag-0:2.6.7-4.el6.src",
            "6Server:ppc64-diag-debuginfo-0:2.6.7-4.el6.ppc64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "ppc64-diag: multiple temporary file races"
    },
    {
      "cve": "CVE-2014-4039",
      "cwe": {
        "id": "CWE-377",
        "name": "Insecure Temporary File"
      },
      "discovery_date": "2014-06-13T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1109371"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Multiple insecure temporary file use flaws were found in the way the ppc64-diag utility created certain temporary files. A local attacker could possibly use either of these flaws to perform a symbolic link attack and overwrite arbitrary files with the privileges of the user running ppc64-diag, or obtain sensitive information from the temporary files.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "ppc64-diag: multiple temporary file races",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server:ppc64-diag-0:2.6.7-4.el6.ppc64",
          "6Server:ppc64-diag-0:2.6.7-4.el6.src",
          "6Server:ppc64-diag-debuginfo-0:2.6.7-4.el6.ppc64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2014-4039"
        },
        {
          "category": "external",
          "summary": "RHBZ#1109371",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1109371"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2014-4039",
          "url": "https://www.cve.org/CVERecord?id=CVE-2014-4039"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-4039",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-4039"
        }
      ],
      "release_date": "2014-06-13T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2015-07-20T13:53:17+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server:ppc64-diag-0:2.6.7-4.el6.ppc64",
            "6Server:ppc64-diag-0:2.6.7-4.el6.src",
            "6Server:ppc64-diag-debuginfo-0:2.6.7-4.el6.ppc64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2015:1320"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.6,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "products": [
            "6Server:ppc64-diag-0:2.6.7-4.el6.ppc64",
            "6Server:ppc64-diag-0:2.6.7-4.el6.src",
            "6Server:ppc64-diag-debuginfo-0:2.6.7-4.el6.ppc64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "ppc64-diag: multiple temporary file races"
    }
  ]
}

RHSA-2015:0383

Vulnerability from csaf_redhat

Published

2015-03-05 09:06

Modified

2024-11-22 08:24

Summary

Red Hat Security Advisory: ppc64-diag security, bug fix, and enhancement update

Notes

Topic

Updated ppc64-diag packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

Details

The ppc64-diag packages provide diagnostic tools for Linux on the 64-bit PowerPC platforms. The platform diagnostics write events reported by the firmware to the service log, provide automated responses to urgent events, and notify system administrators or connected service frameworks about the reported events. Multiple insecure temporary file use flaws were found in the way the ppc64-diag utility created certain temporary files. A local attacker could possibly use either of these flaws to perform a symbolic link attack and overwrite arbitrary files with the privileges of the user running ppc64-diag, or obtain sensitive information from the temporary files. (CVE-2014-4038, CVE-2014-4039) The ppc64-diag packages have been upgraded to upstream version 2.6.7, which provides a number of bug fixes and enhancements over the previous version including support for hot plugging of QEMU PCI devices. (BZ#1088493, BZ#1084062) This update also fixes the following bugs: * Prior to this update, the rtas_errd daemon was not started by default on system boot. With this update, rtas_errd has been modified to start automatically by default. (BZ#1170146) * Previously, the /var/log/dump file was not automatically created when installing the ppc64-diag package. This bug has been fixed, and /var/log/dump is now created at package install time as expected. (BZ#1175808) In addition, this update adds the following enhancement: * This update adds support for building the ppc64-diag packages on the little-endian variant of IBM Power Systems platform architecture. (BZ#1124007) Users of ppc64-diag are advised to upgrade to these updated packages, which correct these issues and add these enhancements.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated ppc64-diag packages that fix two security issues, several bugs, and\nadd various enhancements are now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The ppc64-diag packages provide diagnostic tools for Linux on the 64-bit\nPowerPC platforms. The platform diagnostics write events reported by the\nfirmware to the service log, provide automated responses to urgent events,\nand notify system administrators or connected service frameworks about the\nreported events.\n\nMultiple insecure temporary file use flaws were found in the way the\nppc64-diag utility created certain temporary files. A local attacker could\npossibly use either of these flaws to perform a symbolic link attack and\noverwrite arbitrary files with the privileges of the user running\nppc64-diag, or obtain sensitive information from the temporary files.\n(CVE-2014-4038, CVE-2014-4039)\n\nThe ppc64-diag packages have been upgraded to upstream version 2.6.7, which\nprovides a number of bug fixes and enhancements over the previous version\nincluding support for hot plugging of QEMU PCI devices. (BZ#1088493,\nBZ#1084062)\n\nThis update also fixes the following bugs:\n\n* Prior to this update, the rtas_errd daemon was not started by default on\nsystem boot. With this update, rtas_errd has been modified to start\nautomatically by default. (BZ#1170146)\n\n* Previously, the /var/log/dump file was not automatically created when\ninstalling the ppc64-diag package. This bug has been fixed, and\n/var/log/dump is now created at package install time as expected.\n(BZ#1175808)\n\nIn addition, this update adds the following enhancement:\n\n* This update adds support for building the ppc64-diag packages on the\nlittle-endian variant of IBM Power Systems platform architecture. (BZ#1124007)\n\nUsers of ppc64-diag are advised to upgrade to these updated packages, which\ncorrect these issues and add these enhancements.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2015:0383",
        "url": "https://access.redhat.com/errata/RHSA-2015:0383"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "1109371",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1109371"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2015/rhsa-2015_0383.json"
      }
    ],
    "title": "Red Hat Security Advisory: ppc64-diag security, bug fix, and enhancement update",
    "tracking": {
      "current_release_date": "2024-11-22T08:24:19+00:00",
      "generator": {
        "date": "2024-11-22T08:24:19+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.1"
        }
      },
      "id": "RHSA-2015:0383",
      "initial_release_date": "2015-03-05T09:06:12+00:00",
      "revision_history": [
        {
          "date": "2015-03-05T09:06:12+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2015-03-05T09:06:12+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-22T08:24:19+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Server (v. 7)",
                "product": {
                  "name": "Red Hat Enterprise Linux Server (v. 7)",
                  "product_id": "7Server",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:7::server"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ppc64-diag-debuginfo-0:2.6.7-6.el7.ppc64",
                "product": {
                  "name": "ppc64-diag-debuginfo-0:2.6.7-6.el7.ppc64",
                  "product_id": "ppc64-diag-debuginfo-0:2.6.7-6.el7.ppc64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/ppc64-diag-debuginfo@2.6.7-6.el7?arch=ppc64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ppc64-diag-0:2.6.7-6.el7.ppc64",
                "product": {
                  "name": "ppc64-diag-0:2.6.7-6.el7.ppc64",
                  "product_id": "ppc64-diag-0:2.6.7-6.el7.ppc64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/ppc64-diag@2.6.7-6.el7?arch=ppc64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ppc64-diag-0:2.6.7-6.el7.src",
                "product": {
                  "name": "ppc64-diag-0:2.6.7-6.el7.src",
                  "product_id": "ppc64-diag-0:2.6.7-6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/ppc64-diag@2.6.7-6.el7?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ppc64-diag-0:2.6.7-6.el7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server:ppc64-diag-0:2.6.7-6.el7.ppc64"
        },
        "product_reference": "ppc64-diag-0:2.6.7-6.el7.ppc64",
        "relates_to_product_reference": "7Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ppc64-diag-0:2.6.7-6.el7.src as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server:ppc64-diag-0:2.6.7-6.el7.src"
        },
        "product_reference": "ppc64-diag-0:2.6.7-6.el7.src",
        "relates_to_product_reference": "7Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ppc64-diag-debuginfo-0:2.6.7-6.el7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server:ppc64-diag-debuginfo-0:2.6.7-6.el7.ppc64"
        },
        "product_reference": "ppc64-diag-debuginfo-0:2.6.7-6.el7.ppc64",
        "relates_to_product_reference": "7Server"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2014-4038",
      "cwe": {
        "id": "CWE-377",
        "name": "Insecure Temporary File"
      },
      "discovery_date": "2014-06-13T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1109371"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Multiple insecure temporary file use flaws were found in the way the ppc64-diag utility created certain temporary files. A local attacker could possibly use either of these flaws to perform a symbolic link attack and overwrite arbitrary files with the privileges of the user running ppc64-diag, or obtain sensitive information from the temporary files.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "ppc64-diag: multiple temporary file races",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server:ppc64-diag-0:2.6.7-6.el7.ppc64",
          "7Server:ppc64-diag-0:2.6.7-6.el7.src",
          "7Server:ppc64-diag-debuginfo-0:2.6.7-6.el7.ppc64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2014-4038"
        },
        {
          "category": "external",
          "summary": "RHBZ#1109371",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1109371"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2014-4038",
          "url": "https://www.cve.org/CVERecord?id=CVE-2014-4038"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-4038",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-4038"
        }
      ],
      "release_date": "2014-06-13T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2015-03-05T09:06:12+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Server:ppc64-diag-0:2.6.7-6.el7.ppc64",
            "7Server:ppc64-diag-0:2.6.7-6.el7.src",
            "7Server:ppc64-diag-debuginfo-0:2.6.7-6.el7.ppc64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2015:0383"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.6,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "products": [
            "7Server:ppc64-diag-0:2.6.7-6.el7.ppc64",
            "7Server:ppc64-diag-0:2.6.7-6.el7.src",
            "7Server:ppc64-diag-debuginfo-0:2.6.7-6.el7.ppc64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "ppc64-diag: multiple temporary file races"
    },
    {
      "cve": "CVE-2014-4039",
      "cwe": {
        "id": "CWE-377",
        "name": "Insecure Temporary File"
      },
      "discovery_date": "2014-06-13T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1109371"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Multiple insecure temporary file use flaws were found in the way the ppc64-diag utility created certain temporary files. A local attacker could possibly use either of these flaws to perform a symbolic link attack and overwrite arbitrary files with the privileges of the user running ppc64-diag, or obtain sensitive information from the temporary files.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "ppc64-diag: multiple temporary file races",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server:ppc64-diag-0:2.6.7-6.el7.ppc64",
          "7Server:ppc64-diag-0:2.6.7-6.el7.src",
          "7Server:ppc64-diag-debuginfo-0:2.6.7-6.el7.ppc64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2014-4039"
        },
        {
          "category": "external",
          "summary": "RHBZ#1109371",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1109371"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2014-4039",
          "url": "https://www.cve.org/CVERecord?id=CVE-2014-4039"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-4039",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-4039"
        }
      ],
      "release_date": "2014-06-13T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2015-03-05T09:06:12+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Server:ppc64-diag-0:2.6.7-6.el7.ppc64",
            "7Server:ppc64-diag-0:2.6.7-6.el7.src",
            "7Server:ppc64-diag-debuginfo-0:2.6.7-6.el7.ppc64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2015:0383"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.6,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "products": [
            "7Server:ppc64-diag-0:2.6.7-6.el7.ppc64",
            "7Server:ppc64-diag-0:2.6.7-6.el7.src",
            "7Server:ppc64-diag-debuginfo-0:2.6.7-6.el7.ppc64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "ppc64-diag: multiple temporary file races"
    }
  ]
}

rhsa-2015_0383

Vulnerability from csaf_redhat

Published

2015-03-05 09:06

Modified

2024-11-22 08:24

Summary

Red Hat Security Advisory: ppc64-diag security, bug fix, and enhancement update

Notes

Topic

Details

The ppc64-diag packages provide diagnostic tools for Linux on the 64-bit PowerPC platforms. The platform diagnostics write events reported by the firmware to the service log, provide automated responses to urgent events, and notify system administrators or connected service frameworks about the reported events. Multiple insecure temporary file use flaws were found in the way the ppc64-diag utility created certain temporary files. A local attacker could possibly use either of these flaws to perform a symbolic link attack and overwrite arbitrary files with the privileges of the user running ppc64-diag, or obtain sensitive information from the temporary files. (CVE-2014-4038, CVE-2014-4039) The ppc64-diag packages have been upgraded to upstream version 2.6.7, which provides a number of bug fixes and enhancements over the previous version including support for hot plugging of QEMU PCI devices. (BZ#1088493, BZ#1084062) This update also fixes the following bugs: * Prior to this update, the rtas_errd daemon was not started by default on system boot. With this update, rtas_errd has been modified to start automatically by default. (BZ#1170146) * Previously, the /var/log/dump file was not automatically created when installing the ppc64-diag package. This bug has been fixed, and /var/log/dump is now created at package install time as expected. (BZ#1175808) In addition, this update adds the following enhancement: * This update adds support for building the ppc64-diag packages on the little-endian variant of IBM Power Systems platform architecture. (BZ#1124007) Users of ppc64-diag are advised to upgrade to these updated packages, which correct these issues and add these enhancements.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated ppc64-diag packages that fix two security issues, several bugs, and\nadd various enhancements are now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The ppc64-diag packages provide diagnostic tools for Linux on the 64-bit\nPowerPC platforms. The platform diagnostics write events reported by the\nfirmware to the service log, provide automated responses to urgent events,\nand notify system administrators or connected service frameworks about the\nreported events.\n\nMultiple insecure temporary file use flaws were found in the way the\nppc64-diag utility created certain temporary files. A local attacker could\npossibly use either of these flaws to perform a symbolic link attack and\noverwrite arbitrary files with the privileges of the user running\nppc64-diag, or obtain sensitive information from the temporary files.\n(CVE-2014-4038, CVE-2014-4039)\n\nThe ppc64-diag packages have been upgraded to upstream version 2.6.7, which\nprovides a number of bug fixes and enhancements over the previous version\nincluding support for hot plugging of QEMU PCI devices. (BZ#1088493,\nBZ#1084062)\n\nThis update also fixes the following bugs:\n\n* Prior to this update, the rtas_errd daemon was not started by default on\nsystem boot. With this update, rtas_errd has been modified to start\nautomatically by default. (BZ#1170146)\n\n* Previously, the /var/log/dump file was not automatically created when\ninstalling the ppc64-diag package. This bug has been fixed, and\n/var/log/dump is now created at package install time as expected.\n(BZ#1175808)\n\nIn addition, this update adds the following enhancement:\n\n* This update adds support for building the ppc64-diag packages on the\nlittle-endian variant of IBM Power Systems platform architecture. (BZ#1124007)\n\nUsers of ppc64-diag are advised to upgrade to these updated packages, which\ncorrect these issues and add these enhancements.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2015:0383",
        "url": "https://access.redhat.com/errata/RHSA-2015:0383"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "1109371",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1109371"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2015/rhsa-2015_0383.json"
      }
    ],
    "title": "Red Hat Security Advisory: ppc64-diag security, bug fix, and enhancement update",
    "tracking": {
      "current_release_date": "2024-11-22T08:24:19+00:00",
      "generator": {
        "date": "2024-11-22T08:24:19+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.1"
        }
      },
      "id": "RHSA-2015:0383",
      "initial_release_date": "2015-03-05T09:06:12+00:00",
      "revision_history": [
        {
          "date": "2015-03-05T09:06:12+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2015-03-05T09:06:12+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-22T08:24:19+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Server (v. 7)",
                "product": {
                  "name": "Red Hat Enterprise Linux Server (v. 7)",
                  "product_id": "7Server",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:7::server"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ppc64-diag-debuginfo-0:2.6.7-6.el7.ppc64",
                "product": {
                  "name": "ppc64-diag-debuginfo-0:2.6.7-6.el7.ppc64",
                  "product_id": "ppc64-diag-debuginfo-0:2.6.7-6.el7.ppc64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/ppc64-diag-debuginfo@2.6.7-6.el7?arch=ppc64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ppc64-diag-0:2.6.7-6.el7.ppc64",
                "product": {
                  "name": "ppc64-diag-0:2.6.7-6.el7.ppc64",
                  "product_id": "ppc64-diag-0:2.6.7-6.el7.ppc64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/ppc64-diag@2.6.7-6.el7?arch=ppc64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ppc64-diag-0:2.6.7-6.el7.src",
                "product": {
                  "name": "ppc64-diag-0:2.6.7-6.el7.src",
                  "product_id": "ppc64-diag-0:2.6.7-6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/ppc64-diag@2.6.7-6.el7?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ppc64-diag-0:2.6.7-6.el7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server:ppc64-diag-0:2.6.7-6.el7.ppc64"
        },
        "product_reference": "ppc64-diag-0:2.6.7-6.el7.ppc64",
        "relates_to_product_reference": "7Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ppc64-diag-0:2.6.7-6.el7.src as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server:ppc64-diag-0:2.6.7-6.el7.src"
        },
        "product_reference": "ppc64-diag-0:2.6.7-6.el7.src",
        "relates_to_product_reference": "7Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ppc64-diag-debuginfo-0:2.6.7-6.el7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server:ppc64-diag-debuginfo-0:2.6.7-6.el7.ppc64"
        },
        "product_reference": "ppc64-diag-debuginfo-0:2.6.7-6.el7.ppc64",
        "relates_to_product_reference": "7Server"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2014-4038",
      "cwe": {
        "id": "CWE-377",
        "name": "Insecure Temporary File"
      },
      "discovery_date": "2014-06-13T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1109371"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Multiple insecure temporary file use flaws were found in the way the ppc64-diag utility created certain temporary files. A local attacker could possibly use either of these flaws to perform a symbolic link attack and overwrite arbitrary files with the privileges of the user running ppc64-diag, or obtain sensitive information from the temporary files.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "ppc64-diag: multiple temporary file races",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server:ppc64-diag-0:2.6.7-6.el7.ppc64",
          "7Server:ppc64-diag-0:2.6.7-6.el7.src",
          "7Server:ppc64-diag-debuginfo-0:2.6.7-6.el7.ppc64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2014-4038"
        },
        {
          "category": "external",
          "summary": "RHBZ#1109371",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1109371"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2014-4038",
          "url": "https://www.cve.org/CVERecord?id=CVE-2014-4038"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-4038",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-4038"
        }
      ],
      "release_date": "2014-06-13T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2015-03-05T09:06:12+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Server:ppc64-diag-0:2.6.7-6.el7.ppc64",
            "7Server:ppc64-diag-0:2.6.7-6.el7.src",
            "7Server:ppc64-diag-debuginfo-0:2.6.7-6.el7.ppc64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2015:0383"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.6,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "products": [
            "7Server:ppc64-diag-0:2.6.7-6.el7.ppc64",
            "7Server:ppc64-diag-0:2.6.7-6.el7.src",
            "7Server:ppc64-diag-debuginfo-0:2.6.7-6.el7.ppc64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "ppc64-diag: multiple temporary file races"
    },
    {
      "cve": "CVE-2014-4039",
      "cwe": {
        "id": "CWE-377",
        "name": "Insecure Temporary File"
      },
      "discovery_date": "2014-06-13T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1109371"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Multiple insecure temporary file use flaws were found in the way the ppc64-diag utility created certain temporary files. A local attacker could possibly use either of these flaws to perform a symbolic link attack and overwrite arbitrary files with the privileges of the user running ppc64-diag, or obtain sensitive information from the temporary files.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "ppc64-diag: multiple temporary file races",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server:ppc64-diag-0:2.6.7-6.el7.ppc64",
          "7Server:ppc64-diag-0:2.6.7-6.el7.src",
          "7Server:ppc64-diag-debuginfo-0:2.6.7-6.el7.ppc64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2014-4039"
        },
        {
          "category": "external",
          "summary": "RHBZ#1109371",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1109371"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2014-4039",
          "url": "https://www.cve.org/CVERecord?id=CVE-2014-4039"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-4039",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-4039"
        }
      ],
      "release_date": "2014-06-13T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2015-03-05T09:06:12+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Server:ppc64-diag-0:2.6.7-6.el7.ppc64",
            "7Server:ppc64-diag-0:2.6.7-6.el7.src",
            "7Server:ppc64-diag-debuginfo-0:2.6.7-6.el7.ppc64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2015:0383"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.6,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "products": [
            "7Server:ppc64-diag-0:2.6.7-6.el7.ppc64",
            "7Server:ppc64-diag-0:2.6.7-6.el7.src",
            "7Server:ppc64-diag-debuginfo-0:2.6.7-6.el7.ppc64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "ppc64-diag: multiple temporary file races"
    }
  ]
}

rhsa-2015:0383

Vulnerability from csaf_redhat

Published

2015-03-05 09:06

Modified

2024-11-22 08:24

Summary

Red Hat Security Advisory: ppc64-diag security, bug fix, and enhancement update

Notes

Topic

Details

The ppc64-diag packages provide diagnostic tools for Linux on the 64-bit PowerPC platforms. The platform diagnostics write events reported by the firmware to the service log, provide automated responses to urgent events, and notify system administrators or connected service frameworks about the reported events. Multiple insecure temporary file use flaws were found in the way the ppc64-diag utility created certain temporary files. A local attacker could possibly use either of these flaws to perform a symbolic link attack and overwrite arbitrary files with the privileges of the user running ppc64-diag, or obtain sensitive information from the temporary files. (CVE-2014-4038, CVE-2014-4039) The ppc64-diag packages have been upgraded to upstream version 2.6.7, which provides a number of bug fixes and enhancements over the previous version including support for hot plugging of QEMU PCI devices. (BZ#1088493, BZ#1084062) This update also fixes the following bugs: * Prior to this update, the rtas_errd daemon was not started by default on system boot. With this update, rtas_errd has been modified to start automatically by default. (BZ#1170146) * Previously, the /var/log/dump file was not automatically created when installing the ppc64-diag package. This bug has been fixed, and /var/log/dump is now created at package install time as expected. (BZ#1175808) In addition, this update adds the following enhancement: * This update adds support for building the ppc64-diag packages on the little-endian variant of IBM Power Systems platform architecture. (BZ#1124007) Users of ppc64-diag are advised to upgrade to these updated packages, which correct these issues and add these enhancements.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated ppc64-diag packages that fix two security issues, several bugs, and\nadd various enhancements are now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The ppc64-diag packages provide diagnostic tools for Linux on the 64-bit\nPowerPC platforms. The platform diagnostics write events reported by the\nfirmware to the service log, provide automated responses to urgent events,\nand notify system administrators or connected service frameworks about the\nreported events.\n\nMultiple insecure temporary file use flaws were found in the way the\nppc64-diag utility created certain temporary files. A local attacker could\npossibly use either of these flaws to perform a symbolic link attack and\noverwrite arbitrary files with the privileges of the user running\nppc64-diag, or obtain sensitive information from the temporary files.\n(CVE-2014-4038, CVE-2014-4039)\n\nThe ppc64-diag packages have been upgraded to upstream version 2.6.7, which\nprovides a number of bug fixes and enhancements over the previous version\nincluding support for hot plugging of QEMU PCI devices. (BZ#1088493,\nBZ#1084062)\n\nThis update also fixes the following bugs:\n\n* Prior to this update, the rtas_errd daemon was not started by default on\nsystem boot. With this update, rtas_errd has been modified to start\nautomatically by default. (BZ#1170146)\n\n* Previously, the /var/log/dump file was not automatically created when\ninstalling the ppc64-diag package. This bug has been fixed, and\n/var/log/dump is now created at package install time as expected.\n(BZ#1175808)\n\nIn addition, this update adds the following enhancement:\n\n* This update adds support for building the ppc64-diag packages on the\nlittle-endian variant of IBM Power Systems platform architecture. (BZ#1124007)\n\nUsers of ppc64-diag are advised to upgrade to these updated packages, which\ncorrect these issues and add these enhancements.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2015:0383",
        "url": "https://access.redhat.com/errata/RHSA-2015:0383"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "1109371",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1109371"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2015/rhsa-2015_0383.json"
      }
    ],
    "title": "Red Hat Security Advisory: ppc64-diag security, bug fix, and enhancement update",
    "tracking": {
      "current_release_date": "2024-11-22T08:24:19+00:00",
      "generator": {
        "date": "2024-11-22T08:24:19+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.1"
        }
      },
      "id": "RHSA-2015:0383",
      "initial_release_date": "2015-03-05T09:06:12+00:00",
      "revision_history": [
        {
          "date": "2015-03-05T09:06:12+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2015-03-05T09:06:12+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-22T08:24:19+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Server (v. 7)",
                "product": {
                  "name": "Red Hat Enterprise Linux Server (v. 7)",
                  "product_id": "7Server",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:7::server"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ppc64-diag-debuginfo-0:2.6.7-6.el7.ppc64",
                "product": {
                  "name": "ppc64-diag-debuginfo-0:2.6.7-6.el7.ppc64",
                  "product_id": "ppc64-diag-debuginfo-0:2.6.7-6.el7.ppc64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/ppc64-diag-debuginfo@2.6.7-6.el7?arch=ppc64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ppc64-diag-0:2.6.7-6.el7.ppc64",
                "product": {
                  "name": "ppc64-diag-0:2.6.7-6.el7.ppc64",
                  "product_id": "ppc64-diag-0:2.6.7-6.el7.ppc64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/ppc64-diag@2.6.7-6.el7?arch=ppc64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ppc64-diag-0:2.6.7-6.el7.src",
                "product": {
                  "name": "ppc64-diag-0:2.6.7-6.el7.src",
                  "product_id": "ppc64-diag-0:2.6.7-6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/ppc64-diag@2.6.7-6.el7?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ppc64-diag-0:2.6.7-6.el7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server:ppc64-diag-0:2.6.7-6.el7.ppc64"
        },
        "product_reference": "ppc64-diag-0:2.6.7-6.el7.ppc64",
        "relates_to_product_reference": "7Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ppc64-diag-0:2.6.7-6.el7.src as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server:ppc64-diag-0:2.6.7-6.el7.src"
        },
        "product_reference": "ppc64-diag-0:2.6.7-6.el7.src",
        "relates_to_product_reference": "7Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ppc64-diag-debuginfo-0:2.6.7-6.el7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server:ppc64-diag-debuginfo-0:2.6.7-6.el7.ppc64"
        },
        "product_reference": "ppc64-diag-debuginfo-0:2.6.7-6.el7.ppc64",
        "relates_to_product_reference": "7Server"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2014-4038",
      "cwe": {
        "id": "CWE-377",
        "name": "Insecure Temporary File"
      },
      "discovery_date": "2014-06-13T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1109371"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Multiple insecure temporary file use flaws were found in the way the ppc64-diag utility created certain temporary files. A local attacker could possibly use either of these flaws to perform a symbolic link attack and overwrite arbitrary files with the privileges of the user running ppc64-diag, or obtain sensitive information from the temporary files.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "ppc64-diag: multiple temporary file races",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server:ppc64-diag-0:2.6.7-6.el7.ppc64",
          "7Server:ppc64-diag-0:2.6.7-6.el7.src",
          "7Server:ppc64-diag-debuginfo-0:2.6.7-6.el7.ppc64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2014-4038"
        },
        {
          "category": "external",
          "summary": "RHBZ#1109371",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1109371"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2014-4038",
          "url": "https://www.cve.org/CVERecord?id=CVE-2014-4038"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-4038",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-4038"
        }
      ],
      "release_date": "2014-06-13T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2015-03-05T09:06:12+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Server:ppc64-diag-0:2.6.7-6.el7.ppc64",
            "7Server:ppc64-diag-0:2.6.7-6.el7.src",
            "7Server:ppc64-diag-debuginfo-0:2.6.7-6.el7.ppc64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2015:0383"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.6,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "products": [
            "7Server:ppc64-diag-0:2.6.7-6.el7.ppc64",
            "7Server:ppc64-diag-0:2.6.7-6.el7.src",
            "7Server:ppc64-diag-debuginfo-0:2.6.7-6.el7.ppc64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "ppc64-diag: multiple temporary file races"
    },
    {
      "cve": "CVE-2014-4039",
      "cwe": {
        "id": "CWE-377",
        "name": "Insecure Temporary File"
      },
      "discovery_date": "2014-06-13T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1109371"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Multiple insecure temporary file use flaws were found in the way the ppc64-diag utility created certain temporary files. A local attacker could possibly use either of these flaws to perform a symbolic link attack and overwrite arbitrary files with the privileges of the user running ppc64-diag, or obtain sensitive information from the temporary files.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "ppc64-diag: multiple temporary file races",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server:ppc64-diag-0:2.6.7-6.el7.ppc64",
          "7Server:ppc64-diag-0:2.6.7-6.el7.src",
          "7Server:ppc64-diag-debuginfo-0:2.6.7-6.el7.ppc64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2014-4039"
        },
        {
          "category": "external",
          "summary": "RHBZ#1109371",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1109371"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2014-4039",
          "url": "https://www.cve.org/CVERecord?id=CVE-2014-4039"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-4039",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-4039"
        }
      ],
      "release_date": "2014-06-13T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2015-03-05T09:06:12+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Server:ppc64-diag-0:2.6.7-6.el7.ppc64",
            "7Server:ppc64-diag-0:2.6.7-6.el7.src",
            "7Server:ppc64-diag-debuginfo-0:2.6.7-6.el7.ppc64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2015:0383"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.6,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "products": [
            "7Server:ppc64-diag-0:2.6.7-6.el7.ppc64",
            "7Server:ppc64-diag-0:2.6.7-6.el7.src",
            "7Server:ppc64-diag-debuginfo-0:2.6.7-6.el7.ppc64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "ppc64-diag: multiple temporary file races"
    }
  ]
}

rhsa-2015_1320

Vulnerability from csaf_redhat

Published

2015-07-20 13:53

Modified

2024-11-22 08:24

Summary

Red Hat Security Advisory: ppc64-diag security, bug fix and enhancement update

Notes

Topic

Details

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated ppc64-diag packages that fix two security issues, several bugs, and\nadd various enhancements are now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The ppc64-diag packages provide diagnostic tools for Linux on the 64-bit\nPowerPC platforms. The platform diagnostics write events reported by the\nfirmware to the service log, provide automated responses to urgent events,\nand notify system administrators or connected service frameworks about the\nreported events.\n\nMultiple insecure temporary file use flaws were found in the way the\nppc64-diag utility created certain temporary files. A local attacker could\npossibly use either of these flaws to perform a symbolic link attack and\noverwrite arbitrary files with the privileges of the user running\nppc64-diag, or obtain sensitive information from the temporary files.\n(CVE-2014-4038, CVE-2014-4039)\n\nThe ppc64-diag packages have been upgraded to upstream version 2.6.7, which\nprovides a number of bug fixes and enhancements over the previous version.\n(BZ#1148142)\n\nThis update also fixes the following bugs:\n\n* Previously, the \"explain_syslog\" and \"syslog_to_svclog\" commands failed\nwith a \"No such file or directory\" error message. With this update, the\nppc64-diag package specifies the location of the message_catalog directory\ncorrectly, which prevents the described error from occurring. (BZ#1139655)\n\n* Prior to this update, the /var/lock/subsys/rtas_errd file was incorrectly\nlabeled for SELinux as \"system_u:object_r:var_lock_t:s0\". This update\ncorrects the SELinux label to \"system_u:object_r:rtas_errd_var_lock_t:s0\".\n(BZ#1131501)\n\nUsers of ppc64-diag are advised to upgrade to these updated packages, which\ncorrect these issues and add these enhancements.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2015:1320",
        "url": "https://access.redhat.com/errata/RHSA-2015:1320"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "1109371",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1109371"
      },
      {
        "category": "external",
        "summary": "1131501",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1131501"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2015/rhsa-2015_1320.json"
      }
    ],
    "title": "Red Hat Security Advisory: ppc64-diag security, bug fix and enhancement update",
    "tracking": {
      "current_release_date": "2024-11-22T08:24:14+00:00",
      "generator": {
        "date": "2024-11-22T08:24:14+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.1"
        }
      },
      "id": "RHSA-2015:1320",
      "initial_release_date": "2015-07-20T13:53:17+00:00",
      "revision_history": [
        {
          "date": "2015-07-20T13:53:17+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2015-07-20T13:53:17+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-22T08:24:14+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Server (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux Server (v. 6)",
                  "product_id": "6Server",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::server"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ppc64-diag-0:2.6.7-4.el6.src",
                "product": {
                  "name": "ppc64-diag-0:2.6.7-4.el6.src",
                  "product_id": "ppc64-diag-0:2.6.7-4.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/ppc64-diag@2.6.7-4.el6?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ppc64-diag-debuginfo-0:2.6.7-4.el6.ppc64",
                "product": {
                  "name": "ppc64-diag-debuginfo-0:2.6.7-4.el6.ppc64",
                  "product_id": "ppc64-diag-debuginfo-0:2.6.7-4.el6.ppc64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/ppc64-diag-debuginfo@2.6.7-4.el6?arch=ppc64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ppc64-diag-0:2.6.7-4.el6.ppc64",
                "product": {
                  "name": "ppc64-diag-0:2.6.7-4.el6.ppc64",
                  "product_id": "ppc64-diag-0:2.6.7-4.el6.ppc64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/ppc64-diag@2.6.7-4.el6?arch=ppc64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ppc64-diag-0:2.6.7-4.el6.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server:ppc64-diag-0:2.6.7-4.el6.ppc64"
        },
        "product_reference": "ppc64-diag-0:2.6.7-4.el6.ppc64",
        "relates_to_product_reference": "6Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ppc64-diag-0:2.6.7-4.el6.src as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server:ppc64-diag-0:2.6.7-4.el6.src"
        },
        "product_reference": "ppc64-diag-0:2.6.7-4.el6.src",
        "relates_to_product_reference": "6Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ppc64-diag-debuginfo-0:2.6.7-4.el6.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server:ppc64-diag-debuginfo-0:2.6.7-4.el6.ppc64"
        },
        "product_reference": "ppc64-diag-debuginfo-0:2.6.7-4.el6.ppc64",
        "relates_to_product_reference": "6Server"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2014-4038",
      "cwe": {
        "id": "CWE-377",
        "name": "Insecure Temporary File"
      },
      "discovery_date": "2014-06-13T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1109371"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Multiple insecure temporary file use flaws were found in the way the ppc64-diag utility created certain temporary files. A local attacker could possibly use either of these flaws to perform a symbolic link attack and overwrite arbitrary files with the privileges of the user running ppc64-diag, or obtain sensitive information from the temporary files.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "ppc64-diag: multiple temporary file races",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server:ppc64-diag-0:2.6.7-4.el6.ppc64",
          "6Server:ppc64-diag-0:2.6.7-4.el6.src",
          "6Server:ppc64-diag-debuginfo-0:2.6.7-4.el6.ppc64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2014-4038"
        },
        {
          "category": "external",
          "summary": "RHBZ#1109371",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1109371"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2014-4038",
          "url": "https://www.cve.org/CVERecord?id=CVE-2014-4038"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-4038",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-4038"
        }
      ],
      "release_date": "2014-06-13T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2015-07-20T13:53:17+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server:ppc64-diag-0:2.6.7-4.el6.ppc64",
            "6Server:ppc64-diag-0:2.6.7-4.el6.src",
            "6Server:ppc64-diag-debuginfo-0:2.6.7-4.el6.ppc64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2015:1320"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.6,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "products": [
            "6Server:ppc64-diag-0:2.6.7-4.el6.ppc64",
            "6Server:ppc64-diag-0:2.6.7-4.el6.src",
            "6Server:ppc64-diag-debuginfo-0:2.6.7-4.el6.ppc64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "ppc64-diag: multiple temporary file races"
    },
    {
      "cve": "CVE-2014-4039",
      "cwe": {
        "id": "CWE-377",
        "name": "Insecure Temporary File"
      },
      "discovery_date": "2014-06-13T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1109371"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Multiple insecure temporary file use flaws were found in the way the ppc64-diag utility created certain temporary files. A local attacker could possibly use either of these flaws to perform a symbolic link attack and overwrite arbitrary files with the privileges of the user running ppc64-diag, or obtain sensitive information from the temporary files.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "ppc64-diag: multiple temporary file races",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server:ppc64-diag-0:2.6.7-4.el6.ppc64",
          "6Server:ppc64-diag-0:2.6.7-4.el6.src",
          "6Server:ppc64-diag-debuginfo-0:2.6.7-4.el6.ppc64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2014-4039"
        },
        {
          "category": "external",
          "summary": "RHBZ#1109371",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1109371"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2014-4039",
          "url": "https://www.cve.org/CVERecord?id=CVE-2014-4039"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-4039",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-4039"
        }
      ],
      "release_date": "2014-06-13T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2015-07-20T13:53:17+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server:ppc64-diag-0:2.6.7-4.el6.ppc64",
            "6Server:ppc64-diag-0:2.6.7-4.el6.src",
            "6Server:ppc64-diag-debuginfo-0:2.6.7-4.el6.ppc64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2015:1320"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.6,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "products": [
            "6Server:ppc64-diag-0:2.6.7-4.el6.ppc64",
            "6Server:ppc64-diag-0:2.6.7-4.el6.src",
            "6Server:ppc64-diag-debuginfo-0:2.6.7-4.el6.ppc64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "ppc64-diag: multiple temporary file races"
    }
  ]
}

gsd-2014-4038

Vulnerability from gsd

Modified

2023-12-13 01:22

Details

Aliases

CVE-2014-4038

Aliases

CVE-2014-4038

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2014-4038",
    "description": "ppc64-diag 2.6.1 allows local users to overwrite arbitrary files via a symlink attack related to (1) rtas_errd/diag_support.c and /tmp/get_dt_files, (2) scripts/ppc64_diag_mkrsrc and /tmp/diagSEsnap/snapH.tar.gz, or (3) lpd/test/lpd_ela_test.sh and /var/tmp/ras.",
    "id": "GSD-2014-4038",
    "references": [
      "https://www.suse.com/security/cve/CVE-2014-4038.html",
      "https://access.redhat.com/errata/RHSA-2015:1320",
      "https://access.redhat.com/errata/RHSA-2015:0383"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2014-4038"
      ],
      "details": "ppc64-diag 2.6.1 allows local users to overwrite arbitrary files via a symlink attack related to (1) rtas_errd/diag_support.c and /tmp/get_dt_files, (2) scripts/ppc64_diag_mkrsrc and /tmp/diagSEsnap/snapH.tar.gz, or (3) lpd/test/lpd_ela_test.sh and /var/tmp/ras.",
      "id": "GSD-2014-4038",
      "modified": "2023-12-13T01:22:45.251320Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2014-4038",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "ppc64-diag 2.6.1 allows local users to overwrite arbitrary files via a symlink attack related to (1) rtas_errd/diag_support.c and /tmp/get_dt_files, (2) scripts/ppc64_diag_mkrsrc and /tmp/diagSEsnap/snapH.tar.gz, or (3) lpd/test/lpd_ela_test.sh and /var/tmp/ras."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "RHSA-2015:1320",
            "refsource": "REDHAT",
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1320.html"
          },
          {
            "name": "[oss-security] 20140617 Re: CVE request: multiple /tmp races in ppc64-diag",
            "refsource": "MLIST",
            "url": "http://openwall.com/lists/oss-security/2014/06/17/1"
          },
          {
            "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1109371",
            "refsource": "CONFIRM",
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1109371"
          },
          {
            "name": "RHSA-2015:0383",
            "refsource": "REDHAT",
            "url": "http://rhn.redhat.com/errata/RHSA-2015-0383.html"
          },
          {
            "name": "60616",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/60616"
          },
          {
            "name": "SUSE-SU-2014:0928",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-07/msg00018.html"
          },
          {
            "name": "https://bugzilla.novell.com/show_bug.cgi?id=882667",
            "refsource": "CONFIRM",
            "url": "https://bugzilla.novell.com/show_bug.cgi?id=882667"
          },
          {
            "name": "68049",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/68049"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:ppc64-diag_project:ppc64-diag:2.6.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-4038"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "ppc64-diag 2.6.1 allows local users to overwrite arbitrary files via a symlink attack related to (1) rtas_errd/diag_support.c and /tmp/get_dt_files, (2) scripts/ppc64_diag_mkrsrc and /tmp/diagSEsnap/snapH.tar.gz, or (3) lpd/test/lpd_ela_test.sh and /var/tmp/ras."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-59"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.novell.com/show_bug.cgi?id=882667",
              "refsource": "CONFIRM",
              "tags": [
                "Issue Tracking"
              ],
              "url": "https://bugzilla.novell.com/show_bug.cgi?id=882667"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1109371",
              "refsource": "CONFIRM",
              "tags": [
                "Issue Tracking"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1109371"
            },
            {
              "name": "[oss-security] 20140617 Re: CVE request: multiple /tmp races in ppc64-diag",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "http://openwall.com/lists/oss-security/2014/06/17/1"
            },
            {
              "name": "SUSE-SU-2014:0928",
              "refsource": "SUSE",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-07/msg00018.html"
            },
            {
              "name": "RHSA-2015:0383",
              "refsource": "REDHAT",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2015-0383.html"
            },
            {
              "name": "RHSA-2015:1320",
              "refsource": "REDHAT",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2015-1320.html"
            },
            {
              "name": "68049",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/68049"
            },
            {
              "name": "60616",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/60616"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.4,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 3.4,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2017-01-07T03:00Z",
      "publishedDate": "2014-06-17T15:55Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

Vulnerability from cvelistv5

Vulnerability from fkie_nvd

Vulnerability from github

Vulnerability from csaf_redhat

Vulnerability from csaf_redhat

Vulnerability from csaf_redhat

Vulnerability from csaf_redhat

Vulnerability from csaf_redhat

Vulnerability from csaf_redhat

Vulnerability from gsd

Tags

Sightings

Nomenclature