CVE-2018-4182

Опубликовано: 09 мая 2018

Источник: redhat

CVSS3: 7

Описание

In macOS High Sierra before 10.13.5, an access issue was addressed with additional sandbox restrictions on CUPS.

A Sandbox bypass has been discovered in cups on macOS due to insecure error handling. An attacker that has obtained sandboxed root access can use this flow to escape the sandbox.

Отчет

This issue did not affect the versions of cups as shipped with Red Hat Enterprise Linux as cups on Linux does not support the Sandbox feature.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 5	cups	Not affected
Red Hat Enterprise Linux 6	cups	Not affected
Red Hat Enterprise Linux 7	cups	Not affected
Red Hat Enterprise Linux 8	cups	Not affected
Red Hat Virtualization 4	cups	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Important

Дефект:

CWE-250

https://bugzilla.redhat.com/show_bug.cgi?id=1607283cups: Sandbox bypass due to insecure error handling

7 High

CVSS3

Связанные уязвимости

CVE-2018-4182

CVSS3: 8.2

ubuntu

около 7 лет назад

In macOS High Sierra before 10.13.5, an access issue was addressed with additional sandbox restrictions on CUPS.

CVE-2018-4182

CVSS3: 8.2

nvd

около 7 лет назад

In macOS High Sierra before 10.13.5, an access issue was addressed with additional sandbox restrictions on CUPS.

CVE-2018-4182

CVSS3: 8.2

debian

около 7 лет назад

In macOS High Sierra before 10.13.5, an access issue was addressed wit ...

GHSA-77qc-wcq2-m5v2

CVSS3: 8.2

github

больше 3 лет назад

In macOS High Sierra before 10.13.5, an access issue was addressed with additional sandbox restrictions on CUPS.

openSUSE-SU-2018:2292-1

suse-cvrf

больше 7 лет назад

Security update for cups

7 High

CVSS3