Attacker Value
Unknown
CVE-2018-13405
CVE-2018-13405
(Last updated November 08, 2023) ▾
MITRE ATT&CK
Log in to add MITRE ATT&CK tag
Add MITRE ATT&CK tactics and techniques that apply to this CVE.
Description
The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. Here, the non-member can trigger creation of a plain file whose group ownership is that group. The intended behavior was that the non-member can trigger creation of a directory (but not a plain file) whose group ownership is that group. The non-member can escalate privileges by making the plain file executable and SGID.
Add Assessment
No one has assessed this topic. Be the first to add your voice to the community.
CVSS V3 Severity and Metrics
Data provided by the National Vulnerability Database (NVD)
Base Score:
7.8 High
Impact Score:
5.9
Exploitability Score:
1.8
Attack Vector (AV):
Local
Attack Complexity (AC):
Low
Privileges Required (PR):
Low
User Interaction (UI):
None
Scope (S):
Unchanged
Confidentiality (C):
High
Integrity (I):
High
Availability (A):
High
General Information
Vendors
- canonical,
- debian,
- f5,
- fedoraproject,
- linux,
- redhat
Products
- big-ip access policy manager,
- big-ip access policy manager 15.1.0,
- big-ip access policy manager 16.0.0,
- big-ip advanced firewall manager,
- big-ip advanced firewall manager 15.1.0,
- big-ip advanced firewall manager 16.0.0,
- big-ip analytics,
- big-ip analytics 15.1.0,
- big-ip analytics 16.0.0,
- big-ip application acceleration manager,
- big-ip application acceleration manager 15.1.0,
- big-ip application acceleration manager 16.0.0,
- big-ip application security manager,
- big-ip application security manager 15.1.0,
- big-ip application security manager 16.0.0,
- big-ip domain name system,
- big-ip domain name system 15.1.0,
- big-ip domain name system 16.0.0,
- big-ip edge gateway,
- big-ip edge gateway 15.1.0,
- big-ip edge gateway 16.0.0,
- big-ip fraud protection service,
- big-ip fraud protection service 15.1.0,
- big-ip fraud protection service 16.0.0,
- big-ip global traffic manager,
- big-ip global traffic manager 15.1.0,
- big-ip global traffic manager 16.0.0,
- big-ip link controller,
- big-ip link controller 15.1.0,
- big-ip link controller 16.0.0,
- big-ip local traffic manager,
- big-ip local traffic manager 15.1.0,
- big-ip local traffic manager 16.0.0,
- big-ip policy enforcement manager,
- big-ip policy enforcement manager 15.1.0,
- big-ip policy enforcement manager 16.0.0,
- big-ip webaccelerator,
- big-ip webaccelerator 15.1.0,
- big-ip webaccelerator 16.0.0,
- debian linux 8.0,
- debian linux 9.0,
- enterprise linux aus 7.4,
- enterprise linux desktop 6.0,
- enterprise linux desktop 7.0,
- enterprise linux eus 7.4,
- enterprise linux eus 7.5,
- enterprise linux for real time 7,
- enterprise linux server 6.0,
- enterprise linux server 7.0,
- enterprise linux server aus 6.6,
- enterprise linux server aus 7.2,
- enterprise linux server aus 7.3,
- enterprise linux server tus 7.2,
- enterprise linux server tus 7.3,
- enterprise linux server tus 7.4,
- enterprise linux workstation 6.0,
- enterprise linux workstation 7.0,
- fedora 34,
- fedora 35,
- linux kernel,
- mrg realtime 2.0,
- ubuntu linux 14.04,
- ubuntu linux 16.04,
- ubuntu linux 18.04,
- virtualization 4.0
References
Advisory
Miscellaneous
