SB2022051207 - Multiple vulnerabilities in cflinuxfs3

Description

This security bulletin contains information about 4 secuirty vulnerabilities.

1) Privilege escalation (CVE-ID: CVE-2017-9525)

The vulnerability allows a local attacker to gain elevated privileges on the target system.

The weakness exists in Cron due to a flaw in the postinst maintainer script. A local attacker with crontab group privileges can conduct a symlink attack, bypass crontab privilege separation controls and gain root privileges on the target system.

Successful exploitation of the vulnerability results in privilege escalation.

2) Unchecked Return Value (CVE-ID: CVE-2019-9704)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to the calloc return value is not checked. A local user can create a large crontab file and crash the daemon.

3) Allocation of Resources Without Limits or Throttling (CVE-ID: CVE-2019-9705)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to Vixie Cron implementation allows unlimited number of lines to be inserted into the crontab file. A local user can create a very large crontab file and consume all available memory on the system.

4) Use-after-free (CVE-ID: CVE-2019-9706)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error in force_rescan_user() function in Vixie Cron. A local user can write specially crafted data to the crontab file, trigger a use-after-free error and crash the daemon.

Remediation

Install update from vendor's website.

References

• https://github.com/cloudfoundry/cflinuxfs3/releases/tag/0.295.0