CVE-2018-6556 — LOW (3.3) — White Hats Nepal

Q: How severe is CVE-2018-6556?

CVE-2018-6556 has been rated LOW with a CVSS base score of 3.3/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2018-6556?

Check the references section above for vendor advisories and patch information. Affected products include: Canonical Ubuntu Linux, Linuxcontainers Lxc, Suse Caas Platform, Suse Openstack Cloud, Suse Suse Linux Enterprise Server.

Vulnerability Description

lxc-user-nic when asked to delete a network interface will unconditionally open a user provided path. This code path may be used by an unprivileged user to check for the existence of a path which they wouldn't otherwise be able to reach. It may also be used to trigger side effects by causing a (read-only) open of special kernel files (ptmx, proc, sys). Affected releases are LXC: 2.0 versions above and including 2.0.9; 3.0 versions above and including 3.0.0, prior to 3.0.2.

CVSS Score

3.3

LOW

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

LOW

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Canonical	Ubuntu Linux	18.04
Linuxcontainers	Lxc	>= 2.0.0, <= 2.0.9
Suse	Caas Platform	1.0
Suse	Openstack Cloud	6
Suse	Suse Linux Enterprise Server	11
Opensuse	Leap	15.0

Related Weaknesses (CWE)

CWE-417

References

http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00074.htmlMailing ListThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00076.htmlMailing ListThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00091.htmlMailing ListThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00073.html
https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1783591Issue TrackingThird Party Advisory
https://bugzilla.suse.com/show_bug.cgi?id=988348Issue TrackingPatch
https://security.gentoo.org/glsa/201808-02Third Party Advisory
https://usn.ubuntu.com/usn/usn-3730-1Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00074.htmlMailing ListThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00076.htmlMailing ListThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00091.htmlMailing ListThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00073.html
https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1783591Issue TrackingThird Party Advisory
https://bugzilla.suse.com/show_bug.cgi?id=988348Issue TrackingPatch
https://security.gentoo.org/glsa/201808-02Third Party Advisory

FAQ

What is CVE-2018-6556?

CVE-2018-6556 is a vulnerability with a CVSS score of 3.3 (LOW). lxc-user-nic when asked to delete a network interface will unconditionally open a user provided path. This code path may be used by an unprivileged user to check for the existence of a path which they...

How severe is CVE-2018-6556?

CVE-2018-6556 has been rated LOW with a CVSS base score of 3.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2018-6556?

Check the references section above for vendor advisories and patch information. Affected products include: Canonical Ubuntu Linux, Linuxcontainers Lxc, Suse Caas Platform, Suse Openstack Cloud, Suse Suse Linux Enterprise Server.