Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.
First Last Prev Next    This bug is not in your last search results.
Bug 1596533 - (CVE-2018-10875) CVE-2018-10875 ansible: ansible.cfg is being read from current working directory allowing possible code execution
CVE-2018-10875 ansible: ansible.cfg is being read from current working direct...
Status: NEW
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
unspecified
All Linux
medium Severity medium
: ---
: ---
Assigned To: Red Hat Product Security
impact=moderate,public=20180629,repor...
: Security
Depends On: 1602764 1602765 1602767 1611793 1611794 1598803 1598804 1598805 1598806 1598813 1598814 1599297 1602766 1607722 1611795 1636193 1636195
Blocks: 1596534
  Show dependency treegraph
 
Reported: 2018-06-29 04:03 EDT by Adam Mariš
Modified: 2018-10-19 17:35 EDT (History)
83 users (show)

See Also:
Fixed In Version: ansible 2.4.6, ansible 2.5.6, ansible 2.6.1
Doc Type: If docs needed, set a value
Doc Text:
It was found that ansible.cfg is being read from the current working directory, which can be made to point to plugin or module paths that are under control of the attacker. This could allow an attacker to execute arbitrary code.
Story Points: ---
Clone Of:
Environment:
Last Closed:
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)


External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2018:2150 None None None 2018-07-10 05:49 EDT
Red Hat Product Errata RHSA-2018:2151 None None None 2018-07-10 07:33 EDT
Red Hat Product Errata RHSA-2018:2152 None None None 2018-07-10 08:56 EDT
Red Hat Product Errata RHSA-2018:2166 None None None 2018-07-10 13:20 EDT
Red Hat Product Errata RHSA-2018:2321 None None None 2018-07-31 13:49 EDT
Red Hat Product Errata RHSA-2018:2585 None None None 2018-08-29 12:05 EDT

  None (edit)
Description Adam Mariš 2018-06-29 04:03:46 EDT 
It was found that ansible.cfg is being read from current working directory, which cam be made to point to plugin or module paths that are under control of the attacker, allowing to execute arbitrary code.
Comment 1 Borja Tarraso 2018-06-29 10:13:20 EDT 
Acknowledgments:

Name: Brian Coca (Red Hat)
Comment 2 Pavel Cahyna 2018-06-29 10:16:52 EDT 
s/cam/can/
Comment 3 Borja Tarraso 2018-07-06 09:51:29 EDT 
Created ansible tracking bugs for this issue:

Affects: epel-all [bug 1598806]
Affects: fedora-all [bug 1598805]
Comment 7 errata-xmlrpc 2018-07-10 05:48:50 EDT 
This issue has been addressed in the following products:

  Red Hat Ansible Engine 2.5 for RHEL 7

Via RHSA-2018:2150 https://access.redhat.com/errata/RHSA-2018:2150
Comment 8 errata-xmlrpc 2018-07-10 07:32:41 EDT 
This issue has been addressed in the following products:

  Red Hat Ansible Engine 2 for RHEL 7

Via RHSA-2018:2151 https://access.redhat.com/errata/RHSA-2018:2151
Comment 9 errata-xmlrpc 2018-07-10 08:56:12 EDT 
This issue has been addressed in the following products:

  Red Hat Ansible Engine 2.4 for RHEL 7

Via RHSA-2018:2152 https://access.redhat.com/errata/RHSA-2018:2152
Comment 10 errata-xmlrpc 2018-07-10 13:20:01 EDT 
This issue has been addressed in the following products:

  Red Hat Ansible Engine 2.6 for RHEL 7

Via RHSA-2018:2166 https://access.redhat.com/errata/RHSA-2018:2166
Comment 13 errata-xmlrpc 2018-07-31 13:49:33 EDT 
This issue has been addressed in the following products:

  Red Hat Virtualization 4 for Red Hat Enterprise Linux 7

Via RHSA-2018:2321 https://access.redhat.com/errata/RHSA-2018:2321
Comment 14 Borja Tarraso 2018-08-02 04:01:55 EDT 
Upstream patch: https://github.com/ansible/ansible/pull/42070
Comment 19 errata-xmlrpc 2018-08-29 12:05:03 EDT 
This issue has been addressed in the following products:

  Red Hat OpenStack Platform 13.0 (Queens)

Via RHSA-2018:2585 https://access.redhat.com/errata/RHSA-2018:2585
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.