Bug 1607285 (CVE-2018-6553)
| Summary: | CVE-2018-6553 cups: AppArmor cupsd Sandbox Bypass Due to Use of Hard Links | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Andrej Nemec <anemec> |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED NOTABUG | QA Contact: | |
| Severity: | high | Docs Contact: | |
| Priority: | high | ||
| Version: | unspecified | CC: | bmcclain, dblechte, dfediuck, eedri, jpopelka, mgoldboi, michal.skrivanek, sbonazzo, sherold, twaugh, ylavi, zdohnal |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |
| Doc Text: |
An AppArmor sandbox bypass has been discovered in cups due to the use of hard links which are not covered by the AppArmor profile. An attacker could use the hard link, if it exists, to execute the referenced backend without sandbox restrictions.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | 2018-07-24 14:57:29 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | |||
| Bug Blocks: | 1607292 | ||
|
Description
Andrej Nemec
2018-07-23 08:12:41 UTC
Statement: This issue did not affect the versions of cups as shipped with Red Hat Enterprise Linux as they did not include support for AppArmor. |