CVE-2018-14348

Опубликовано: 14 авг. 2018

Источник: debian

Описание

libcgroup up to and including 0.41 creates /var/log/cgred with mode 0666 regardless of the configured umask, leading to disclosure of information.

Пакет	Статус	Версия исправления	Релиз	Тип
libcgroup	fixed	0.41-8.1		package
libcgroup	fixed	0.41-8+deb9u1	stretch	package

https://sourceforge.net/p/libcg/libcg/ci/0d88b73d189ea3440ccaab00418d6469f76fa590/
cgred not enabled by default, shipped example config logs to syslog by default

CVE-2018-14348

CVSS3: 8.1

ubuntu

больше 7 лет назад

libcgroup up to and including 0.41 creates /var/log/cgred with mode 0666 regardless of the configured umask, leading to disclosure of information.

CVE-2018-14348

CVSS3: 4.4

redhat

больше 7 лет назад

libcgroup up to and including 0.41 creates /var/log/cgred with mode 0666 regardless of the configured umask, leading to disclosure of information.

CVE-2018-14348

CVSS3: 8.1

nvd

больше 7 лет назад

libcgroup up to and including 0.41 creates /var/log/cgred with mode 0666 regardless of the configured umask, leading to disclosure of information.

CVE-2018-14348

CVSS3: 8.1

msrc

больше 5 лет назад

Описание отсутствует

openSUSE-SU-2018:2241-1

suse-cvrf

больше 7 лет назад

Security update for libcgroup