fkie_nvd - fkie_cve-2018-13405

FKIE_CVE-2018-13405

Vulnerability from fkie_nvd - Published: 2018-07-06 14:29 - Updated: 2024-11-21 03:47

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. Here, the non-member can trigger creation of a plain file whose group ownership is that group. The intended behavior was that the non-member can trigger creation of a directory (but not a plain file) whose group ownership is that group. The non-member can escalate privileges by making the plain file executable and SGID.

References

URL	Tags
cve@mitre.org	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0fa3ecd87848c9c93c2c828ef4c3a8ca36ce46c7	Patch, Vendor Advisory
cve@mitre.org	http://openwall.com/lists/oss-security/2018/07/13/2	Mailing List, Patch, Third Party Advisory
cve@mitre.org	http://www.securityfocus.com/bid/106503	Broken Link
cve@mitre.org	https://access.redhat.com/errata/RHSA-2018:2948	Third Party Advisory
cve@mitre.org	https://access.redhat.com/errata/RHSA-2018:3083	Third Party Advisory
cve@mitre.org	https://access.redhat.com/errata/RHSA-2018:3096	Third Party Advisory
cve@mitre.org	https://access.redhat.com/errata/RHSA-2019:0717	Third Party Advisory
cve@mitre.org	https://access.redhat.com/errata/RHSA-2019:2476	Third Party Advisory
cve@mitre.org	https://access.redhat.com/errata/RHSA-2019:2566	Third Party Advisory
cve@mitre.org	https://access.redhat.com/errata/RHSA-2019:2696	Third Party Advisory
cve@mitre.org	https://access.redhat.com/errata/RHSA-2019:2730	Third Party Advisory
cve@mitre.org	https://access.redhat.com/errata/RHSA-2019:4159	Third Party Advisory
cve@mitre.org	https://access.redhat.com/errata/RHSA-2019:4164	Third Party Advisory
cve@mitre.org	https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=0b3369840cd61c23e2b9241093737b4c395cb406	Mailing List, Patch, Vendor Advisory
cve@mitre.org	https://github.com/torvalds/linux/commit/0fa3ecd87848c9c93c2c828ef4c3a8ca36ce46c7	Patch, Third Party Advisory
cve@mitre.org	https://lists.debian.org/debian-lts-announce/2018/08/msg00014.html	Third Party Advisory
cve@mitre.org	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HRBNBX73SAFKQWBOX76SLMWPTKJPVGEJ/
cve@mitre.org	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MTKKIAUMR5FAYLZ7HLEPOXMKAAE3BYBQ/
cve@mitre.org	https://support.f5.com/csp/article/K00854051	Third Party Advisory
cve@mitre.org	https://twitter.com/grsecurity/status/1015082951204327425	Third Party Advisory
cve@mitre.org	https://usn.ubuntu.com/3752-1/	Third Party Advisory
cve@mitre.org	https://usn.ubuntu.com/3752-2/	Third Party Advisory
cve@mitre.org	https://usn.ubuntu.com/3752-3/	Third Party Advisory
cve@mitre.org	https://usn.ubuntu.com/3753-1/	Third Party Advisory
cve@mitre.org	https://usn.ubuntu.com/3753-2/	Third Party Advisory
cve@mitre.org	https://usn.ubuntu.com/3754-1/	Third Party Advisory
cve@mitre.org	https://www.debian.org/security/2018/dsa-4266	Third Party Advisory
cve@mitre.org	https://www.exploit-db.com/exploits/45033/	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0fa3ecd87848c9c93c2c828ef4c3a8ca36ce46c7	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://openwall.com/lists/oss-security/2018/07/13/2	Mailing List, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/106503	Broken Link
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2018:2948	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2018:3083	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2018:3096	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2019:0717	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2019:2476	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2019:2566	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2019:2696	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2019:2730	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2019:4159	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2019:4164	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=0b3369840cd61c23e2b9241093737b4c395cb406	Mailing List, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/torvalds/linux/commit/0fa3ecd87848c9c93c2c828ef4c3a8ca36ce46c7	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.debian.org/debian-lts-announce/2018/08/msg00014.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HRBNBX73SAFKQWBOX76SLMWPTKJPVGEJ/
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MTKKIAUMR5FAYLZ7HLEPOXMKAAE3BYBQ/
af854a3a-2127-422b-91ae-364da2661108	https://support.f5.com/csp/article/K00854051	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://twitter.com/grsecurity/status/1015082951204327425	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://usn.ubuntu.com/3752-1/	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://usn.ubuntu.com/3752-2/	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://usn.ubuntu.com/3752-3/	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://usn.ubuntu.com/3753-1/	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://usn.ubuntu.com/3753-2/	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://usn.ubuntu.com/3754-1/	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.debian.org/security/2018/dsa-4266	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.exploit-db.com/exploits/45033/	Exploit, Third Party Advisory, VDB Entry

Impacted products

Vendor	Product	Version
linux	linux_kernel	*
debian	debian_linux	8.0
debian	debian_linux	9.0
canonical	ubuntu_linux	14.04
canonical	ubuntu_linux	16.04
canonical	ubuntu_linux	16.04
canonical	ubuntu_linux	18.04
fedoraproject	fedora	34
fedoraproject	fedora	35
redhat	mrg_realtime	2.0
redhat	virtualization	4.0
redhat	enterprise_linux_aus	7.4
redhat	enterprise_linux_desktop	6.0
redhat	enterprise_linux_desktop	7.0
redhat	enterprise_linux_eus	7.4
redhat	enterprise_linux_eus	7.5
redhat	enterprise_linux_for_real_time	7
redhat	enterprise_linux_server	6.0
redhat	enterprise_linux_server	7.0
redhat	enterprise_linux_server_aus	6.6
redhat	enterprise_linux_server_aus	7.2
redhat	enterprise_linux_server_aus	7.3
redhat	enterprise_linux_server_tus	7.2
redhat	enterprise_linux_server_tus	7.3
redhat	enterprise_linux_server_tus	7.4
redhat	enterprise_linux_workstation	6.0
redhat	enterprise_linux_workstation	7.0
f5	big-ip_access_policy_manager	*
f5	big-ip_access_policy_manager	*
f5	big-ip_access_policy_manager	*
f5	big-ip_access_policy_manager	15.1.0
f5	big-ip_access_policy_manager	16.0.0
f5	big-ip_advanced_firewall_manager	*
f5	big-ip_advanced_firewall_manager	*
f5	big-ip_advanced_firewall_manager	*
f5	big-ip_advanced_firewall_manager	15.1.0
f5	big-ip_advanced_firewall_manager	16.0.0
f5	big-ip_analytics	*
f5	big-ip_analytics	*
f5	big-ip_analytics	*
f5	big-ip_analytics	15.1.0
f5	big-ip_analytics	16.0.0
f5	big-ip_application_acceleration_manager	*
f5	big-ip_application_acceleration_manager	*
f5	big-ip_application_acceleration_manager	*
f5	big-ip_application_acceleration_manager	15.1.0
f5	big-ip_application_acceleration_manager	16.0.0
f5	big-ip_application_security_manager	*
f5	big-ip_application_security_manager	*
f5	big-ip_application_security_manager	*
f5	big-ip_application_security_manager	15.1.0
f5	big-ip_application_security_manager	16.0.0
f5	big-ip_domain_name_system	*
f5	big-ip_domain_name_system	*
f5	big-ip_domain_name_system	*
f5	big-ip_domain_name_system	15.1.0
f5	big-ip_domain_name_system	16.0.0
f5	big-ip_edge_gateway	*
f5	big-ip_edge_gateway	*
f5	big-ip_edge_gateway	*
f5	big-ip_edge_gateway	15.1.0
f5	big-ip_edge_gateway	16.0.0
f5	big-ip_fraud_protection_service	*
f5	big-ip_fraud_protection_service	*
f5	big-ip_fraud_protection_service	*
f5	big-ip_fraud_protection_service	15.1.0
f5	big-ip_fraud_protection_service	16.0.0
f5	big-ip_global_traffic_manager	*
f5	big-ip_global_traffic_manager	*
f5	big-ip_global_traffic_manager	*
f5	big-ip_global_traffic_manager	15.1.0
f5	big-ip_global_traffic_manager	16.0.0
f5	big-ip_link_controller	*
f5	big-ip_link_controller	*
f5	big-ip_link_controller	*
f5	big-ip_link_controller	15.1.0
f5	big-ip_link_controller	16.0.0
f5	big-ip_local_traffic_manager	*
f5	big-ip_local_traffic_manager	*
f5	big-ip_local_traffic_manager	*
f5	big-ip_local_traffic_manager	15.1.0
f5	big-ip_local_traffic_manager	16.0.0
f5	big-ip_policy_enforcement_manager	*
f5	big-ip_policy_enforcement_manager	*
f5	big-ip_policy_enforcement_manager	*
f5	big-ip_policy_enforcement_manager	15.1.0
f5	big-ip_policy_enforcement_manager	16.0.0
f5	big-ip_webaccelerator	*
f5	big-ip_webaccelerator	*
f5	big-ip_webaccelerator	*
f5	big-ip_webaccelerator	15.1.0
f5	big-ip_webaccelerator	16.0.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "500A2ABC-14CF-439E-ABFB-60271177BA63",
              "versionEndIncluding": "3.16",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
              "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
              "matchCriteriaId": "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
              "matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
              "matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
              "matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
              "matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:redhat:mrg_realtime:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AFB0FFE3-4BE1-4024-BCC6-1B87074DE2E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BBD7A51-0590-4DDF-8249-5AFA8D645CB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_aus:7.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB33390A-F51F-4451-8FEA-7FC31F1AA51C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F96E3779-F56A-45FF-BB3D-4980527D721E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CF73560-2F5B-4723-A8A1-9AADBB3ADA00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_real_time:7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2B15608-BABC-4663-A58F-B74BD2D1A734",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "16E6D998-B41D-4B49-9E00-8336D2E40A4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C8D871B-AEA1-4407-AEE3-47EC782250FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "98381E61-F082-4302-B51F-5648884F998B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6755B6AD-0422-467B-8115-34A60B1D1A40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5F7E11E-FB34-4467-8919-2B6BEAABF665",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E89CA5F-C65B-49B7-9B3F-4ED023B78069",
              "versionEndExcluding": "13.1.3.5",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9432081E-3796-4A28-92EA-05E10A35CCDB",
              "versionEndExcluding": "14.1.3.1",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9170095-A9BB-4D24-9925-39256D7CE2C6",
              "versionEndExcluding": "15.0.1.4",
              "versionStartIncluding": "15.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:15.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCA6CE41-1D13-4A7A-94D8-C0D5740870A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:16.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "543B57B8-C1C7-4A70-976C-6E76FCB4E2AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9AAC0F00-1726-4249-9681-43C7CED06E98",
              "versionEndExcluding": "13.1.3.5",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C24412C3-72FC-40E9-8AED-E233649CDABF",
              "versionEndExcluding": "14.1.3.1",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B59E16D-7645-492A-9C1D-A8724FFCA28F",
              "versionEndExcluding": "15.0.1.4",
              "versionStartIncluding": "15.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:15.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "71B7081C-A869-402A-9C58-219B3225DB70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:16.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D52CFC7F-2A7F-4E23-8E6C-91B91436419C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "04C1A189-E227-4D17-9E48-035CCBCC0754",
              "versionEndExcluding": "13.1.3.5",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0579A45D-748E-49E5-A11A-A06253CC7895",
              "versionEndExcluding": "14.1.3.1",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "92F370C2-3C5A-416D-83C1-A4F84866E958",
              "versionEndExcluding": "15.0.1.4",
              "versionStartIncluding": "15.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:15.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "08E29063-889A-4499-AEAC-D79165EA34A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:16.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4FCCA87-C81C-4DB9-B5CE-E24B7C504330",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB2B6684-7399-470B-B91C-B5F7A500A30C",
              "versionEndExcluding": "13.1.3.5",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "79180EBD-26CE-4012-A55C-320626E236B8",
              "versionEndExcluding": "14.1.3.1",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "997D12F1-098D-4C42-A6A2-B4F59AC78F0F",
              "versionEndExcluding": "15.0.1.4",
              "versionStartIncluding": "15.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:15.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C32BB88-ECE9-49C1-B75D-D47A17399C10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:16.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "99398E30-A7D1-4A88-BE09-524DEF26C8DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B226347-71D7-4235-8802-4C1F82EB948E",
              "versionEndExcluding": "13.1.3.5",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AD3FDA5-5E5A-41F9-ABB4-4C7A166A4A28",
              "versionEndExcluding": "14.1.3.1",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6C4B56F-D022-4268-9D78-6E4D12AE9215",
              "versionEndExcluding": "15.0.1.4",
              "versionStartIncluding": "15.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:15.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "14612AC5-945C-4402-AFF0-5FCE11B7C785",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:16.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "321CC6FB-A330-41AA-9E8D-1FC1A1E75884",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF91F21C-80D9-42E2-8DD9-D523D05CA39A",
              "versionEndExcluding": "13.1.3.5",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA7525A1-439A-495C-9D37-3D34D396BD61",
              "versionEndExcluding": "14.1.3.1",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAFC0D83-7F64-44F2-A014-37DE3CAF846A",
              "versionEndExcluding": "15.0.1.4",
              "versionStartIncluding": "15.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:15.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "74DEDC05-82FC-4AD5-9DDD-D0D68DA9E26D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:16.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "693F34DB-A79D-41E1-85E6-4B7BC2DCF7FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "25CA8B66-C7A2-42DE-9FD4-620EBEC0B226",
              "versionEndExcluding": "13.1.3.5",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A2444CF-5BA9-4DD0-9910-C156F9FCDA27",
              "versionEndExcluding": "14.1.3.1",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC1CC599-DA9C-46BD-9C5C-FD25D57AE9D6",
              "versionEndExcluding": "15.0.1.4",
              "versionStartIncluding": "15.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:15.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76F48A48-9C6E-49CD-8C89-C4F75BF2982A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:16.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C026F902-7258-43A6-BB36-A72121BE72CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1102BBCB-6D9E-46AA-9DA2-A739A8159D8F",
              "versionEndExcluding": "13.1.3.5",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0714D8F-01FA-4644-BEFD-587B28528727",
              "versionEndExcluding": "14.1.3.1",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "920BC3DD-A1D4-403B-83D2-00636C20FFC0",
              "versionEndExcluding": "15.0.1.4",
              "versionStartIncluding": "15.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:15.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E634D59-2B6D-49B8-A7BD-E2962CD2B455",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:16.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3836F05D-0EE6-441E-A498-FC3E25960CE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "50D80416-4AA8-4A26-9B0C-6AE5A84301E8",
              "versionEndExcluding": "13.1.3.5",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A599B58A-A3D5-4CC1-A090-8AD73BB579F7",
              "versionEndExcluding": "14.1.3.1",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "49C8BE4A-DED6-451A-B6EE-AC95DD26F85A",
              "versionEndExcluding": "15.0.1.4",
              "versionStartIncluding": "15.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:15.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5756EA61-D0E4-4AC1-882D-71EE4BB6CEB0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:16.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7171DEF9-C5EB-490B-9BD5-4C7CB0331D61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "07F2C5EE-2106-4FC1-9C43-2621330A1585",
              "versionEndExcluding": "13.1.3.5",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E51A79D-3602-4FC4-9FD9-07E64361B1F6",
              "versionEndExcluding": "14.1.3.1",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEC0E30F-6550-4BC9-8DA7-6BD495DBF415",
              "versionEndExcluding": "15.0.1.4",
              "versionStartIncluding": "15.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:15.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E847B072-2E86-416D-9D39-FD796770A0B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:16.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9AEF72B3-8334-4848-9835-614B6E1144FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "99A188D5-B165-4A11-B0CA-26C46F67C4BC",
              "versionEndExcluding": "13.1.3.5",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "94BD1043-CF12-45FA-B64B-EF57EBD708F6",
              "versionEndExcluding": "14.1.3.1",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5D90F4A-FA2A-412F-8591-D1CA6399ECAD",
              "versionEndExcluding": "15.0.1.4",
              "versionStartIncluding": "15.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:15.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "461C4C1D-B0F9-44EF-A535-BCE9FE501A94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:16.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7543A048-FFC5-442C-A008-5E7458317F14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE322801-EBC9-4B51-AAC2-1371111207AB",
              "versionEndExcluding": "13.1.3.5",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "58D7CC86-ADC4-4E70-BC80-D8850B746420",
              "versionEndExcluding": "14.1.3.1",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BAD2867D-D646-4B01-A383-6A47B51D059E",
              "versionEndExcluding": "15.0.1.4",
              "versionStartIncluding": "15.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:15.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1C2B883-EA96-4B51-865B-B1DE1561096C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:16.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F65E0AC-FDE1-485F-99AA-387096A02DD9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CAEFCA7B-85ED-4825-A15D-E7357FC97AB0",
              "versionEndExcluding": "13.1.3.5",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CD80613-FE83-46A3-B28E-EA9524214BC5",
              "versionEndExcluding": "14.1.3.1",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "126DC4FA-E5EB-43E1-83F9-19F29E852E03",
              "versionEndExcluding": "15.0.1.4",
              "versionStartIncluding": "15.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:15.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C5A9DDF-C18B-4628-AE26-50FBDAD4654B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:16.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A055174D-5D6D-43A2-9B36-AF81FD3196E2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. Here, the non-member can trigger creation of a plain file whose group ownership is that group. The intended behavior was that the non-member can trigger creation of a directory (but not a plain file) whose group ownership is that group. The non-member can escalate privileges by making the plain file executable and SGID."
    },
    {
      "lang": "es",
      "value": "La funci\u00f3n inode_init_owner en fs/inode.c en el kernel de Linux hasta la versi\u00f3n 3.16 permite a los usuarios locales crear archivos con una propiedad de grupo no deseada, en un escenario donde un directorio es SGID a un cierto grupo y es escribible por un usuario que no es miembro de ese grupo. En este caso, el no miembro puede desencadenar la creaci\u00f3n de un archivo simple cuya propiedad de grupo sea ese grupo. El comportamiento previsto era que el no miembro puede activar la creaci\u00f3n de un directorio (pero no un archivo plano) cuya propiedad de grupo sea ese grupo. El no miembro puede aumentar sus privilegios haciendo el archivo plano ejecutable y el SGID"
    }
  ],
  "id": "CVE-2018-13405",
  "lastModified": "2024-11-21T03:47:02.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.6,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-07-06T14:29:01.223",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0fa3ecd87848c9c93c2c828ef4c3a8ca36ce46c7"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "http://openwall.com/lists/oss-security/2018/07/13/2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.securityfocus.com/bid/106503"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:2948"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:3083"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:3096"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2019:0717"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2019:2476"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2019:2566"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2019:2696"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2019:2730"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2019:4159"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2019:4164"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=0b3369840cd61c23e2b9241093737b4c395cb406"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/torvalds/linux/commit/0fa3ecd87848c9c93c2c828ef4c3a8ca36ce46c7"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00014.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HRBNBX73SAFKQWBOX76SLMWPTKJPVGEJ/"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MTKKIAUMR5FAYLZ7HLEPOXMKAAE3BYBQ/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K00854051"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://twitter.com/grsecurity/status/1015082951204327425"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://usn.ubuntu.com/3752-1/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://usn.ubuntu.com/3752-2/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://usn.ubuntu.com/3752-3/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://usn.ubuntu.com/3753-1/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://usn.ubuntu.com/3753-2/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://usn.ubuntu.com/3754-1/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.debian.org/security/2018/dsa-4266"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/45033/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0fa3ecd87848c9c93c2c828ef4c3a8ca36ce46c7"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "http://openwall.com/lists/oss-security/2018/07/13/2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.securityfocus.com/bid/106503"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:2948"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:3083"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:3096"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2019:0717"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2019:2476"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2019:2566"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2019:2696"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2019:2730"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2019:4159"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2019:4164"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=0b3369840cd61c23e2b9241093737b4c395cb406"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/torvalds/linux/commit/0fa3ecd87848c9c93c2c828ef4c3a8ca36ce46c7"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00014.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HRBNBX73SAFKQWBOX76SLMWPTKJPVGEJ/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MTKKIAUMR5FAYLZ7HLEPOXMKAAE3BYBQ/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K00854051"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://twitter.com/grsecurity/status/1015082951204327425"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://usn.ubuntu.com/3752-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://usn.ubuntu.com/3752-2/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://usn.ubuntu.com/3752-3/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://usn.ubuntu.com/3753-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://usn.ubuntu.com/3753-2/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://usn.ubuntu.com/3754-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.debian.org/security/2018/dsa-4266"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/45033/"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-269"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2018-13405 (GCVE-0-2018-13405)

Vulnerability from cvelistv5 – Published: 2018-07-06 14:00 – Updated: 2024-08-05 09:00

Summary

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	https://usn.ubuntu.com/3752-2/	vendor-advisoryx_refsource_UBUNTU
	https://access.redhat.com/errata/RHSA-2018:3083	vendor-advisoryx_refsource_REDHAT
	https://usn.ubuntu.com/3752-3/	vendor-advisoryx_refsource_UBUNTU
	https://twitter.com/grsecurity/status/10150829512…	x_refsource_MISC
	https://usn.ubuntu.com/3753-2/	vendor-advisoryx_refsource_UBUNTU
	https://usn.ubuntu.com/3754-1/	vendor-advisoryx_refsource_UBUNTU
	http://openwall.com/lists/oss-security/2018/07/13/2	x_refsource_MISC
	https://access.redhat.com/errata/RHSA-2018:2948	vendor-advisoryx_refsource_REDHAT
	http://git.kernel.org/cgit/linux/kernel/git/torva…	x_refsource_MISC
	https://lists.debian.org/debian-lts-announce/2018…	mailing-listx_refsource_MLIST
	https://www.exploit-db.com/exploits/45033/	exploitx_refsource_EXPLOIT-DB
	https://www.debian.org/security/2018/dsa-4266	vendor-advisoryx_refsource_DEBIAN
	http://www.securityfocus.com/bid/106503	vdb-entryx_refsource_BID
	https://usn.ubuntu.com/3752-1/	vendor-advisoryx_refsource_UBUNTU
	https://access.redhat.com/errata/RHSA-2018:3096	vendor-advisoryx_refsource_REDHAT
	https://usn.ubuntu.com/3753-1/	vendor-advisoryx_refsource_UBUNTU
	https://github.com/torvalds/linux/commit/0fa3ecd8…	x_refsource_MISC
	https://access.redhat.com/errata/RHSA-2019:0717	vendor-advisoryx_refsource_REDHAT
	https://support.f5.com/csp/article/K00854051	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2019:2476	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2019:2566	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2019:2696	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2019:2730	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2019:4159	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2019:4164	vendor-advisoryx_refsource_REDHAT
	https://git.kernel.org/pub/scm/linux/kernel/git/t…	x_refsource_CONFIRM
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T09:00:35.380Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3752-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3752-2/"
          },
          {
            "name": "RHSA-2018:3083",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:3083"
          },
          {
            "name": "USN-3752-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3752-3/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://twitter.com/grsecurity/status/1015082951204327425"
          },
          {
            "name": "USN-3753-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3753-2/"
          },
          {
            "name": "USN-3754-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3754-1/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2018/07/13/2"
          },
          {
            "name": "RHSA-2018:2948",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2948"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0fa3ecd87848c9c93c2c828ef4c3a8ca36ce46c7"
          },
          {
            "name": "[debian-lts-announce] 20180815 [SECURITY] [DLA 1466-1] linux-4.9 security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00014.html"
          },
          {
            "name": "45033",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/45033/"
          },
          {
            "name": "DSA-4266",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2018/dsa-4266"
          },
          {
            "name": "106503",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/106503"
          },
          {
            "name": "USN-3752-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3752-1/"
          },
          {
            "name": "RHSA-2018:3096",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:3096"
          },
          {
            "name": "USN-3753-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3753-1/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/0fa3ecd87848c9c93c2c828ef4c3a8ca36ce46c7"
          },
          {
            "name": "RHSA-2019:0717",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:0717"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K00854051"
          },
          {
            "name": "RHSA-2019:2476",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:2476"
          },
          {
            "name": "RHSA-2019:2566",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:2566"
          },
          {
            "name": "RHSA-2019:2696",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:2696"
          },
          {
            "name": "RHSA-2019:2730",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:2730"
          },
          {
            "name": "RHSA-2019:4159",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:4159"
          },
          {
            "name": "RHSA-2019:4164",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:4164"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=0b3369840cd61c23e2b9241093737b4c395cb406"
          },
          {
            "name": "FEDORA-2022-3a60c34473",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MTKKIAUMR5FAYLZ7HLEPOXMKAAE3BYBQ/"
          },
          {
            "name": "FEDORA-2022-5d0676b098",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HRBNBX73SAFKQWBOX76SLMWPTKJPVGEJ/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-07-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. Here, the non-member can trigger creation of a plain file whose group ownership is that group. The intended behavior was that the non-member can trigger creation of a directory (but not a plain file) whose group ownership is that group. The non-member can escalate privileges by making the plain file executable and SGID."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-02-25T18:06:30",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-3752-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3752-2/"
        },
        {
          "name": "RHSA-2018:3083",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:3083"
        },
        {
          "name": "USN-3752-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3752-3/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://twitter.com/grsecurity/status/1015082951204327425"
        },
        {
          "name": "USN-3753-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3753-2/"
        },
        {
          "name": "USN-3754-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3754-1/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://openwall.com/lists/oss-security/2018/07/13/2"
        },
        {
          "name": "RHSA-2018:2948",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2948"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0fa3ecd87848c9c93c2c828ef4c3a8ca36ce46c7"
        },
        {
          "name": "[debian-lts-announce] 20180815 [SECURITY] [DLA 1466-1] linux-4.9 security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00014.html"
        },
        {
          "name": "45033",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/45033/"
        },
        {
          "name": "DSA-4266",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2018/dsa-4266"
        },
        {
          "name": "106503",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/106503"
        },
        {
          "name": "USN-3752-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3752-1/"
        },
        {
          "name": "RHSA-2018:3096",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:3096"
        },
        {
          "name": "USN-3753-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3753-1/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/torvalds/linux/commit/0fa3ecd87848c9c93c2c828ef4c3a8ca36ce46c7"
        },
        {
          "name": "RHSA-2019:0717",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:0717"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K00854051"
        },
        {
          "name": "RHSA-2019:2476",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:2476"
        },
        {
          "name": "RHSA-2019:2566",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:2566"
        },
        {
          "name": "RHSA-2019:2696",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:2696"
        },
        {
          "name": "RHSA-2019:2730",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:2730"
        },
        {
          "name": "RHSA-2019:4159",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:4159"
        },
        {
          "name": "RHSA-2019:4164",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:4164"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=0b3369840cd61c23e2b9241093737b4c395cb406"
        },
        {
          "name": "FEDORA-2022-3a60c34473",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MTKKIAUMR5FAYLZ7HLEPOXMKAAE3BYBQ/"
        },
        {
          "name": "FEDORA-2022-5d0676b098",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HRBNBX73SAFKQWBOX76SLMWPTKJPVGEJ/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-13405",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. Here, the non-member can trigger creation of a plain file whose group ownership is that group. The intended behavior was that the non-member can trigger creation of a directory (but not a plain file) whose group ownership is that group. The non-member can escalate privileges by making the plain file executable and SGID."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3752-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3752-2/"
            },
            {
              "name": "RHSA-2018:3083",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:3083"
            },
            {
              "name": "USN-3752-3",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3752-3/"
            },
            {
              "name": "https://twitter.com/grsecurity/status/1015082951204327425",
              "refsource": "MISC",
              "url": "https://twitter.com/grsecurity/status/1015082951204327425"
            },
            {
              "name": "USN-3753-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3753-2/"
            },
            {
              "name": "USN-3754-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3754-1/"
            },
            {
              "name": "http://openwall.com/lists/oss-security/2018/07/13/2",
              "refsource": "MISC",
              "url": "http://openwall.com/lists/oss-security/2018/07/13/2"
            },
            {
              "name": "RHSA-2018:2948",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2948"
            },
            {
              "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0fa3ecd87848c9c93c2c828ef4c3a8ca36ce46c7",
              "refsource": "MISC",
              "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0fa3ecd87848c9c93c2c828ef4c3a8ca36ce46c7"
            },
            {
              "name": "[debian-lts-announce] 20180815 [SECURITY] [DLA 1466-1] linux-4.9 security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00014.html"
            },
            {
              "name": "45033",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/45033/"
            },
            {
              "name": "DSA-4266",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2018/dsa-4266"
            },
            {
              "name": "106503",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/106503"
            },
            {
              "name": "USN-3752-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3752-1/"
            },
            {
              "name": "RHSA-2018:3096",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:3096"
            },
            {
              "name": "USN-3753-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3753-1/"
            },
            {
              "name": "https://github.com/torvalds/linux/commit/0fa3ecd87848c9c93c2c828ef4c3a8ca36ce46c7",
              "refsource": "MISC",
              "url": "https://github.com/torvalds/linux/commit/0fa3ecd87848c9c93c2c828ef4c3a8ca36ce46c7"
            },
            {
              "name": "RHSA-2019:0717",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:0717"
            },
            {
              "name": "https://support.f5.com/csp/article/K00854051",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/csp/article/K00854051"
            },
            {
              "name": "RHSA-2019:2476",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:2476"
            },
            {
              "name": "RHSA-2019:2566",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:2566"
            },
            {
              "name": "RHSA-2019:2696",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:2696"
            },
            {
              "name": "RHSA-2019:2730",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:2730"
            },
            {
              "name": "RHSA-2019:4159",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:4159"
            },
            {
              "name": "RHSA-2019:4164",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:4164"
            },
            {
              "name": "https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=0b3369840cd61c23e2b9241093737b4c395cb406",
              "refsource": "CONFIRM",
              "url": "https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=0b3369840cd61c23e2b9241093737b4c395cb406"
            },
            {
              "name": "FEDORA-2022-3a60c34473",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MTKKIAUMR5FAYLZ7HLEPOXMKAAE3BYBQ/"
            },
            {
              "name": "FEDORA-2022-5d0676b098",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HRBNBX73SAFKQWBOX76SLMWPTKJPVGEJ/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-13405",
    "datePublished": "2018-07-06T14:00:00",
    "dateReserved": "2018-07-06T00:00:00",
    "dateUpdated": "2024-08-05T09:00:35.380Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

FKIE_CVE-2018-13405

CVE-2018-13405 (GCVE-0-2018-13405)

Tags

Sightings

Nomenclature