Bug 1728632 (CVE-2019-13012)
| Summary: | CVE-2019-13012 glib2: insecure permissions for files and directories | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Dhananjay Arunesh <darunesh> |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED ERRATA | QA Contact: | |
| Severity: | low | Docs Contact: | |
| Priority: | low | ||
| Version: | unspecified | CC: | apmukher, caillon+fedoraproject, gnome-sig, john.j5live, klember, mbenatto, mclasen, rhughes, rstrode, tiagomatos, walters |
| Target Milestone: | --- | Keywords: | Reopened, Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2021-05-18 14:33:48 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 1728633, 1728727, 1728730 | ||
| Bug Blocks: | 1728635 | ||
|
Description
Dhananjay Arunesh
2019-07-10 10:30:01 UTC
Created glib2 tracking bugs for this issue: Affects: fedora-all [bug 1728633] Fedora 30 has glib2 2.60.4 in the stable updates repo (and 2.60.5 in updates-testing) that has this already fixed. Statement: This issue affects glib2 as shipped with Red Hat Enterprise Linux 6, 7 and 8 and was rated as having a Low security impact by Red Hat Product Security team. Although Red Hat Enterprise Linux versions above ships the vulnerable code the flaw itself is not currently exploitable due to the presence of another glib2 bug (rhbz#1728896). This bug avoid glib's 'keyfile' module to be loaded at glib2 initialization, thus the vulnerable code is currently unreachable. Red Hat Enterprise Linux 6 is now in Maintenance Support 2 Phase of the support and maintenance life cycle. This has been rated as having a security impact of Low, and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/. glib2 provides several backend types to handling configuration files in custom applications or shipped configuration utilities (such as gsettings). One of these backends is called keyfile, which basically consists in a key-value text file used to stored the desired configuration entries. Currently keyfile backend has a vulnerability when creating the output file's parent directory and the file itself, where both are created with insecure permissions. This flaw may end up allowing an attacker to read and write to the target file under certain circumstances causing confidentiality and integrity issues. It's important to notice the fact of currently the flaw is not exploitable on the affected Red Hat Enterprise Linux versions using any packaged applications due to the presence of bz1728896, which prevents the 'keyfile' module to be loaded during glib2's initialization process. This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2021:1586 https://access.redhat.com/errata/RHSA-2021:1586 This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2019-13012 |