First published: Thu Dec 13 2012(Updated: )
The sanlock server creates the /var/log/sanlock.log world writable allowing any one on the system to wipe the contents of the log file or to store data within the log file (bypassing any quotas applied to their account). The affected code is: src/log.h int setup_logging(void) { int fd, rv; snprintf(logfile_path, PATH_MAX, "%s/%s", SANLK_LOG_DIR, SANLK_LOGFILE_NAME); logfile_fp = fopen(logfile_path, "a+");
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
oVirt Sanlock |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2012-5638 is considered a medium severity vulnerability due to its potential for misuse by local users.
To fix CVE-2012-5638, ensure that the log file at /var/log/sanlock.log is set to a more restrictive permission, such as 644.
CVE-2012-5638 affects systems running the oVirt Sanlock service that are using the vulnerable logging configuration.
The risks of CVE-2012-5638 include the ability for unauthorized users to modify or delete log contents, which can lead to loss of important logging information.
Yes, patches are available in the vendor's security updates for oVirt Sanlock to address CVE-2012-5638.