CVE-2023-6395 — MEDIUM (6.7)

Vulnerability Description

The Mock software contains a vulnerability wherein an attacker could potentially exploit privilege escalation, enabling the execution of arbitrary code with root user privileges. This weakness stems from the absence of proper sandboxing during the expansion and execution of Jinja2 templates, which may be included in certain configuration parameters. While the Mock documentation advises treating users added to the mock group as privileged, certain build systems invoking mock on behalf of users might inadvertently permit less privileged users to define configuration tags. These tags could then be passed as parameters to mock during execution, potentially leading to the utilization of Jinja2 templates for remote privilege escalation and the execution of arbitrary code as the root user on the build server.

CVSS Score

6.7

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Rpm-Software-Management	Mock	-
Fedoraproject	Extra Packages For Enterprise Linux	7.0
Fedoraproject	Fedora	38

Related Weaknesses (CWE)

CWE-20 CWE-94

References

http://www.openwall.com/lists/oss-security/2024/01/16/1Mailing ListPatchThird Party Advisory
http://www.openwall.com/lists/oss-security/2024/01/16/3ExploitMailing ListThird Party Advisory
https://access.redhat.com/security/cve/CVE-2023-6395Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2252206Issue TrackingThird Party Advisory
https://github.com/xsuchy/templated-dictionary/commit/0740bd0ca8d487301881541028Patch
https://github.com/xsuchy/templated-dictionary/commit/bcd90f0dafa365575c4b101e6fPatch
https://lists.fedoraproject.org/archives/list/[email protected]
https://lists.fedoraproject.org/archives/list/[email protected]
http://www.openwall.com/lists/oss-security/2024/01/16/1Mailing ListPatchThird Party Advisory
http://www.openwall.com/lists/oss-security/2024/01/16/3ExploitMailing ListThird Party Advisory
https://access.redhat.com/security/cve/CVE-2023-6395Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2252206Issue TrackingThird Party Advisory
https://github.com/xsuchy/templated-dictionary/commit/0740bd0ca8d487301881541028Patch
https://github.com/xsuchy/templated-dictionary/commit/bcd90f0dafa365575c4b101e6fPatch
https://lists.fedoraproject.org/archives/list/[email protected]

FAQ

What is CVE-2023-6395?

CVE-2023-6395 is a vulnerability with a CVSS score of 6.7 (MEDIUM). The Mock software contains a vulnerability wherein an attacker could potentially exploit privilege escalation, enabling the execution of arbitrary code with root user privileges. This weakness stems f...

How severe is CVE-2023-6395?

CVE-2023-6395 has been rated MEDIUM with a CVSS base score of 6.7/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2023-6395?

Check the references section above for vendor advisories and patch information. Affected products include: Rpm-Software-Management Mock, Fedoraproject Extra Packages For Enterprise Linux, Fedoraproject Fedora.