CVE-2012-5638
First published: Thu Dec 13 2012(Updated: )
The sanlock server creates the /var/log/sanlock.log world writable allowing any one on the system to wipe the contents of the log file or to store data within the log file (bypassing any quotas applied to their account). The affected code is: src/log.h int setup_logging(void) { int fd, rv; snprintf(logfile_path, PATH_MAX, "%s/%s", SANLK_LOG_DIR, SANLK_LOGFILE_NAME); logfile_fp = fopen(logfile_path, "a+");
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| oVirt Sanlock |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2012-5638?
CVE-2012-5638 is considered a medium severity vulnerability due to its potential for misuse by local users.
How do I fix CVE-2012-5638?
To fix CVE-2012-5638, ensure that the log file at /var/log/sanlock.log is set to a more restrictive permission, such as 644.
Who is affected by CVE-2012-5638?
CVE-2012-5638 affects systems running the oVirt Sanlock service that are using the vulnerable logging configuration.
What are the risks of CVE-2012-5638?
The risks of CVE-2012-5638 include the ability for unauthorized users to modify or delete log contents, which can lead to loss of important logging information.
Is a patch available for CVE-2012-5638?
Yes, patches are available in the vendor's security updates for oVirt Sanlock to address CVE-2012-5638.
- agent/type
- agent/first-publish-date
- agent/softwarecombine
- agent/references
- collector/mitre-cve
- source/MITRE
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2012-5638
- agent/last-modified-date
- agent/weakness
- agent/severity
- agent/author
- agent/description
- agent/event
- agent/trending
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/ovirt
- canonical/ovirt sanlock