#VU18791 Permissions, Privileges, and Access Controls in gvfs - CVE-2019-12795


Vulnerability identifier: #VU18791

Vulnerability risk: Low

CVSSv4.0: 0.4 [CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2019-12795

CWE-ID: CWE-264

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
gvfs
Client/Desktop applications / Other client software

Vendor: Gnome Development Team

Description

The vulnerability allows a local attacker to escalate privileges on the system.

The vulnerability exists because daemon/gvfsdaemon.c opens a private D-Bus server socket without configuring an authorization rule on it, so nothing checks that a connecting peer is the same user the daemon runs as. Any local attacker who learns the socket path can connect to this server socket and issue D-Bus method calls to the daemon as if they were its owner.
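The following is an added example, not gvfs code and not the upstream fix, to show the shape of the missing check. The linked fix commits add an authorization rule on the server's auth observer; the usual rule for a per-user daemon, modelled here, is that the peer must run as the daemon's own uid. The example replaces the D-Bus server with a plain AF_UNIX socket served by a hypothetical one-shot daemon, uses a made-up method table (`GetMounts`, `Unmount`) in place of the real D-Bus interface, and reads the peer's uid via `SO_PEERCRED`, so it is Linux-only.

```python
"""Added example (not gvfs code): the authorization rule missing in CVE-2019-12795.

gvfsd opened a private D-Bus server socket and served method calls to any local
peer that connected. A per-user daemon should instead authorize only peers that
run as its own Unix uid. This sketch models that on a plain AF_UNIX socket with
a toy method table standing in for D-Bus methods; peer identity comes from
SO_PEERCRED, so it is Linux-only.
"""
import os
import socket
import struct
import tempfile
import threading

DAEMON_UID = os.getuid()  # the uid the (hypothetical) daemon runs as

# Hypothetical method table standing in for the daemon's D-Bus interface.
METHODS = {
    "GetMounts": lambda: "mounts:[]",
    "Unmount": lambda: "unmounted",
}


def peer_uid(conn):
    """Return the uid of the process at the other end of an AF_UNIX socket."""
    fmt = "3i"  # struct ucred on Linux: pid, uid, gid
    raw = conn.getsockopt(socket.SOL_SOCKET, socket.SO_PEERCRED, struct.calcsize(fmt))
    _pid, uid, _gid = struct.unpack(fmt, raw)
    return uid


def handle_request(conn, request, allowed_uid=None):
    """Dispatch one method call.

    allowed_uid=None models the unpatched daemon (no authorization rule);
    otherwise the peer must run as allowed_uid before any method is looked up.
    """
    if allowed_uid is not None and peer_uid(conn) != allowed_uid:
        return "ERROR: peer not authorized"
    method = METHODS.get(request)
    if method is None:
        return "ERROR: unknown method"
    return method()


def _serve_once(path, allowed_uid, ready):
    """Accept a single connection on a private socket and answer one request."""
    with socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) as srv:
        srv.bind(path)
        srv.listen(1)
        ready.set()
        conn, _ = srv.accept()
        with conn:
            request = conn.recv(256).decode().strip()
            conn.sendall(handle_request(conn, request, allowed_uid).encode())


def call_private_socket(request, allowed_uid=None):
    """Start a one-shot daemon on a private socket path, connect to it as a
    local client (any process that learns the path can do this), send one
    method call and return the reply."""
    tmpdir = tempfile.mkdtemp()
    path = os.path.join(tmpdir, "gvfsd.sock")
    ready = threading.Event()
    server = threading.Thread(target=_serve_once, args=(path, allowed_uid, ready), daemon=True)
    server.start()
    ready.wait(5)
    try:
        with socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) as client:
            client.connect(path)
            client.sendall((request + "\n").encode())
            reply = client.recv(256).decode()
    finally:
        server.join(5)
        if os.path.exists(path):
            os.unlink(path)
        os.rmdir(tmpdir)
    return reply


if __name__ == "__main__":
    # Unpatched behaviour: any local peer gets its method call executed.
    print("no rule:        ", call_private_socket("GetMounts"))
    # Patched behaviour, peer is the daemon's own user: allowed.
    print("rule, same uid: ", call_private_socket("GetMounts", DAEMON_UID))
    # Patched behaviour with a peer of another uid. The client here is our own
    # process, so the mismatch is modelled by telling the daemon it owns a
    # different uid than the connecting peer has.
    print("rule, other uid:", call_private_socket("GetMounts", DAEMON_UID + 1))
```

The point of the check is where it sits: peer credentials are verified before the method name is even looked up, so an unauthorized peer cannot reach any method, not just the sensitive ones. A real D-Bus server gets the same effect from an auth observer that rejects the peer during the authentication handshake rather than per call.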

Mitigation
Install updates from the vendor's website; the fixing commits are listed under External links below.

Vulnerable software versions

gvfs: 1.2.3 - 1.41.2


External links
https://gitlab.gnome.org/GNOME/gvfs/commit/70dbfc68a79faac49bd3423e079cb6902522082a
https://gitlab.gnome.org/GNOME/gvfs/commit/d8c9138bf240975848b1c54db648ec4cd516a48f
https://gitlab.gnome.org/GNOME/gvfs/commit/e3808a1b4042761055b1d975333a8243d67b8bfe


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally: the attacker needs an account on the system and must already be authenticated on it.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.