CVE-2018-13405
First published: Thu Jul 05 2018(Updated: )
A vulnerability was found in the fs/inode.c:inode_init_owner() function logic of the LInux kernel that allows local users to create files with an unintended group ownership and with group execution and SGID permission bits set, in a scenario where a directory is SGID and belongs to a certain group and is writable by a user who is not a member of this group. This can lead to excessive permissions granted in case when they should not.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/kernel | <0:2.6.32-754.12.1.el6 | 0:2.6.32-754.12.1.el6 |
| redhat/kernel | <0:2.6.32-504.80.2.el6 | 0:2.6.32-504.80.2.el6 |
| redhat/kernel-rt | <0:3.10.0-957.rt56.910.el7 | 0:3.10.0-957.rt56.910.el7 |
| redhat/kernel-alt | <0:4.14.0-115.el7a | 0:4.14.0-115.el7a |
| redhat/kernel | <0:3.10.0-957.el7 | 0:3.10.0-957.el7 |
| redhat/kernel | <0:3.10.0-327.83.1.el7 | 0:3.10.0-327.83.1.el7 |
| redhat/kernel | <0:3.10.0-514.71.1.el7 | 0:3.10.0-514.71.1.el7 |
| redhat/kernel | <0:3.10.0-693.58.1.el7 | 0:3.10.0-693.58.1.el7 |
| redhat/kernel | <0:3.10.0-862.41.1.el7 | 0:3.10.0-862.41.1.el7 |
| redhat/kernel-rt | <1:3.10.0-693.58.1.rt56.652.el6 | 1:3.10.0-693.58.1.rt56.652.el6 |
| Linux Linux kernel | <=3.16 | |
| Debian Debian Linux | =8.0 | |
| Debian Debian Linux | =9.0 | |
| Canonical Ubuntu Linux | =14.04 | |
| Canonical Ubuntu Linux | =16.04 | |
| Canonical Ubuntu Linux | =16.04 | |
| Canonical Ubuntu Linux | =18.04 | |
| Fedoraproject Fedora | =34 | |
| Fedoraproject Fedora | =35 | |
| Redhat Mrg Realtime | =2.0 | |
| Redhat Virtualization | =4.0 | |
| Redhat Enterprise Linux Aus | =7.4 | |
| Redhat Enterprise Linux Desktop | =6.0 | |
| Redhat Enterprise Linux Desktop | =7.0 | |
| Redhat Enterprise Linux Eus | =7.4 | |
| Redhat Enterprise Linux Eus | =7.5 | |
| Redhat Enterprise Linux For Real Time | =7 | |
| Redhat Enterprise Linux Server | =6.0 | |
| Redhat Enterprise Linux Server | =7.0 | |
| Redhat Enterprise Linux Server Aus | =6.6 | |
| Redhat Enterprise Linux Server Aus | =7.2 | |
| Redhat Enterprise Linux Server Aus | =7.3 | |
| Redhat Enterprise Linux Server Tus | =7.2 | |
| Redhat Enterprise Linux Server Tus | =7.3 | |
| Redhat Enterprise Linux Server Tus | =7.4 | |
| Redhat Enterprise Linux Workstation | =6.0 | |
| Redhat Enterprise Linux Workstation | =7.0 | |
| F5 BIG-IP Access Policy Manager | >=13.0.0<13.1.3.5 | |
| F5 BIG-IP Access Policy Manager | >=14.0.0<14.1.3.1 | |
| F5 BIG-IP Access Policy Manager | >=15.0.0<15.0.1.4 | |
| F5 BIG-IP Access Policy Manager | =15.1.0 | |
| F5 BIG-IP Access Policy Manager | =16.0.0 | |
| F5 BIG-IP Advanced Firewall Manager | >=13.0.0<13.1.3.5 | |
| F5 BIG-IP Advanced Firewall Manager | >=14.0.0<14.1.3.1 | |
| F5 BIG-IP Advanced Firewall Manager | >=15.0.0<15.0.1.4 | |
| F5 BIG-IP Advanced Firewall Manager | =15.1.0 | |
| F5 BIG-IP Advanced Firewall Manager | =16.0.0 | |
| F5 BIG-IP Analytics | >=13.0.0<13.1.3.5 | |
| F5 BIG-IP Analytics | >=14.0.0<14.1.3.1 | |
| F5 BIG-IP Analytics | >=15.0.0<15.0.1.4 | |
| F5 BIG-IP Analytics | =15.1.0 | |
| F5 BIG-IP Analytics | =16.0.0 | |
| F5 Big-ip Application Acceleration Manager | >=13.0.0<13.1.3.5 | |
| F5 Big-ip Application Acceleration Manager | >=14.0.0<14.1.3.1 | |
| F5 Big-ip Application Acceleration Manager | >=15.0.0<15.0.1.4 | |
| F5 Big-ip Application Acceleration Manager | =15.1.0 | |
| F5 Big-ip Application Acceleration Manager | =16.0.0 | |
| F5 BIG-IP Application Security Manager | >=13.0.0<13.1.3.5 | |
| F5 BIG-IP Application Security Manager | >=14.0.0<14.1.3.1 | |
| F5 BIG-IP Application Security Manager | >=15.0.0<15.0.1.4 | |
| F5 BIG-IP Application Security Manager | =15.1.0 | |
| F5 BIG-IP Application Security Manager | =16.0.0 | |
| F5 Big-ip Domain Name System | >=13.0.0<13.1.3.5 | |
| F5 Big-ip Domain Name System | >=14.0.0<14.1.3.1 | |
| F5 Big-ip Domain Name System | >=15.0.0<15.0.1.4 | |
| F5 Big-ip Domain Name System | =15.1.0 | |
| F5 Big-ip Domain Name System | =16.0.0 | |
| F5 Big-ip Edge Gateway | >=13.0.0<13.1.3.5 | |
| F5 Big-ip Edge Gateway | >=14.0.0<14.1.3.1 | |
| F5 Big-ip Edge Gateway | >=15.0.0<15.0.1.4 | |
| F5 Big-ip Edge Gateway | =15.1.0 | |
| F5 Big-ip Edge Gateway | =16.0.0 | |
| F5 Big-ip Fraud Protection Service | >=13.0.0<13.1.3.5 | |
| F5 Big-ip Fraud Protection Service | >=14.0.0<14.1.3.1 | |
| F5 Big-ip Fraud Protection Service | >=15.0.0<15.0.1.4 | |
| F5 Big-ip Fraud Protection Service | =15.1.0 | |
| F5 Big-ip Fraud Protection Service | =16.0.0 | |
| F5 Big-ip Global Traffic Manager | >=13.0.0<13.1.3.5 | |
| F5 Big-ip Global Traffic Manager | >=14.0.0<14.1.3.1 | |
| F5 Big-ip Global Traffic Manager | >=15.0.0<15.0.1.4 | |
| F5 Big-ip Global Traffic Manager | =15.1.0 | |
| F5 Big-ip Global Traffic Manager | =16.0.0 | |
| F5 Big-ip Link Controller | >=13.0.0<13.1.3.5 | |
| F5 Big-ip Link Controller | >=14.0.0<14.1.3.1 | |
| F5 Big-ip Link Controller | >=15.0.0<15.0.1.4 | |
| F5 Big-ip Link Controller | =15.1.0 | |
| F5 Big-ip Link Controller | =16.0.0 | |
| F5 Big-ip Local Traffic Manager | >=13.0.0<13.1.3.5 | |
| F5 Big-ip Local Traffic Manager | >=14.0.0<14.1.3.1 | |
| F5 Big-ip Local Traffic Manager | >=15.0.0<15.0.1.4 | |
| F5 Big-ip Local Traffic Manager | =15.1.0 | |
| F5 Big-ip Local Traffic Manager | =16.0.0 | |
| F5 Big-ip Policy Enforcement Manager | >=13.0.0<13.1.3.5 | |
| F5 Big-ip Policy Enforcement Manager | >=14.0.0<14.1.3.1 | |
| F5 Big-ip Policy Enforcement Manager | >=15.0.0<15.0.1.4 | |
| F5 Big-ip Policy Enforcement Manager | =15.1.0 | |
| F5 Big-ip Policy Enforcement Manager | =16.0.0 | |
| F5 Big-ip Webaccelerator | >=13.0.0<13.1.3.5 | |
| F5 Big-ip Webaccelerator | >=14.0.0<14.1.3.1 | |
| F5 Big-ip Webaccelerator | >=15.0.0<15.0.1.4 | |
| F5 Big-ip Webaccelerator | =15.1.0 | |
| F5 Big-ip Webaccelerator | =16.0.0 | |
| Google Android | ||
| debian/linux | 5.10.223-1 5.10.226-1 6.1.115-1 6.1.119-1 6.11.10-1 6.12.5-1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.cve.org/CVERecord?id=CVE-2018-13405 https://nvd.nist.gov/vuln/detail/CVE-2018-13405
- https://bugzilla.redhat.com/show_bug.cgi?id=1599161
- https://access.redhat.com/errata/RHSA-2019:0717
- https://access.redhat.com/errata/RHSA-2019:2476
- https://access.redhat.com/errata/RHSA-2018:3096
- https://access.redhat.com/errata/RHSA-2018:2948
- https://access.redhat.com/errata/RHSA-2018:3083
- https://access.redhat.com/errata/RHSA-2019:4164
- https://access.redhat.com/errata/RHSA-2019:4159
- https://access.redhat.com/errata/RHSA-2019:2696
- https://access.redhat.com/errata/RHSA-2019:2566
- https://access.redhat.com/errata/RHSA-2019:2730
- https://access.redhat.com/security/cve/CVE-2018-13405
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0fa3ecd87848c9c93c2c828ef4c3a8ca36ce46c7
- http://openwall.com/lists/oss-security/2018/07/13/2
- http://www.securityfocus.com/bid/106503
- https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=0b3369840cd61c23e2b9241093737b4c395cb406
- https://github.com/torvalds/linux/commit/0fa3ecd87848c9c93c2c828ef4c3a8ca36ce46c7
- https://lists.debian.org/debian-lts-announce/2018/08/msg00014.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HRBNBX73SAFKQWBOX76SLMWPTKJPVGEJ/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MTKKIAUMR5FAYLZ7HLEPOXMKAAE3BYBQ/
- https://support.f5.com/csp/article/K00854051
- https://twitter.com/grsecurity/status/1015082951204327425
- https://usn.ubuntu.com/3752-1/
- https://usn.ubuntu.com/3752-2/
- https://usn.ubuntu.com/3752-3/
- https://usn.ubuntu.com/3753-1/
- https://usn.ubuntu.com/3753-2/
- https://usn.ubuntu.com/3754-1/
- https://www.debian.org/security/2018/dsa-4266
- https://www.exploit-db.com/exploits/45033/
- https://launchpad.net/bugs/cve/CVE-2018-13405
- http://seclists.org/oss-sec/2018/q3/35
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0fa3ecd87848c9c93c2c828ef4c3a8ca36ce46c7
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1599162
- https://www.kernel.org/doc/Documentation/filesystems/xfs.txt
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HRBNBX73SAFKQWBOX76SLMWPTKJPVGEJ/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MTKKIAUMR5FAYLZ7HLEPOXMKAAE3BYBQ/
- https://source.android.com/docs/security/bulletin/2019-01-01 (Advisory)
- https://git.kernel.org/linus/0fa3ecd87848c9c93c2c828ef4c3a8ca36ce46c7
- https://www.openwall.com/lists/oss-security/2018/07/13/2
- https://security-tracker.debian.org/tracker/CVE-2018-13405
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13405
- https://nvd.nist.gov/vuln/detail/CVE-2018-13405
- https://ubuntu.com/security/CVE-2018-13405
Parent vulnerabilities
(Appears in the following advisories)
- collector/redhat-cve
- collector/nvd-index
- agent/type
- agent/first-publish-date
- collector/launchpad-cve
- source/Launchpad
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2018-13405
- agent/author
- agent/severity
- agent/weakness
- collector/nvd-cve
- source/NVD
- agent/software-canonical-lookup
- collector/mitre-cve
- source/MITRE
- agent/remedy
- agent/references
- collector/android-source
- source/Android
- agent/last-modified-date
- agent/tags
- collector/usn-cve
- source/Ubuntu
- agent/description
- agent/event
- collector/security-tracker-debian
- source/Debian
- agent/softwarecombine
- agent/trending
- package-manager/redhat
- vendor/linux
- canonical/linux linux kernel
- version/linux linux kernel/3.16
- vendor/debian
- canonical/debian debian linux
- version/debian debian linux/8.0
- version/debian debian linux/9.0
- vendor/canonical
- canonical/canonical ubuntu linux
- version/canonical ubuntu linux/14.04
- version/canonical ubuntu linux/16.04
- version/canonical ubuntu linux/18.04
- vendor/fedoraproject
- canonical/fedoraproject fedora
- version/fedoraproject fedora/34
- version/fedoraproject fedora/35
- vendor/redhat
- canonical/redhat mrg realtime
- version/redhat mrg realtime/2.0
- canonical/redhat virtualization
- version/redhat virtualization/4.0
- canonical/redhat enterprise linux aus
- version/redhat enterprise linux aus/7.4
- canonical/redhat enterprise linux desktop
- version/redhat enterprise linux desktop/6.0
- version/redhat enterprise linux desktop/7.0
- canonical/redhat enterprise linux eus
- version/redhat enterprise linux eus/7.4
- version/redhat enterprise linux eus/7.5
- canonical/redhat enterprise linux for real time
- version/redhat enterprise linux for real time/7
- canonical/redhat enterprise linux server
- version/redhat enterprise linux server/6.0
- version/redhat enterprise linux server/7.0
- canonical/redhat enterprise linux server aus
- version/redhat enterprise linux server aus/6.6
- version/redhat enterprise linux server aus/7.2
- version/redhat enterprise linux server aus/7.3
- canonical/redhat enterprise linux server tus
- version/redhat enterprise linux server tus/7.2
- version/redhat enterprise linux server tus/7.3
- version/redhat enterprise linux server tus/7.4
- canonical/redhat enterprise linux workstation
- version/redhat enterprise linux workstation/6.0
- version/redhat enterprise linux workstation/7.0
- vendor/f5
- canonical/f5 big-ip access policy manager
- version/f5 big-ip access policy manager/13.0.0
- version/f5 big-ip access policy manager/14.0.0
- version/f5 big-ip access policy manager/15.0.0
- version/f5 big-ip access policy manager/15.1.0
- version/f5 big-ip access policy manager/16.0.0
- canonical/f5 big-ip advanced firewall manager
- version/f5 big-ip advanced firewall manager/13.0.0
- version/f5 big-ip advanced firewall manager/14.0.0
- version/f5 big-ip advanced firewall manager/15.0.0
- version/f5 big-ip advanced firewall manager/15.1.0
- version/f5 big-ip advanced firewall manager/16.0.0
- canonical/f5 big-ip analytics
- version/f5 big-ip analytics/13.0.0
- version/f5 big-ip analytics/14.0.0
- version/f5 big-ip analytics/15.0.0
- version/f5 big-ip analytics/15.1.0
- version/f5 big-ip analytics/16.0.0
- canonical/f5 big-ip application acceleration manager
- version/f5 big-ip application acceleration manager/13.0.0
- version/f5 big-ip application acceleration manager/14.0.0
- version/f5 big-ip application acceleration manager/15.0.0
- version/f5 big-ip application acceleration manager/15.1.0
- version/f5 big-ip application acceleration manager/16.0.0
- canonical/f5 big-ip application security manager
- version/f5 big-ip application security manager/13.0.0
- version/f5 big-ip application security manager/14.0.0
- version/f5 big-ip application security manager/15.0.0
- version/f5 big-ip application security manager/15.1.0
- version/f5 big-ip application security manager/16.0.0
- canonical/f5 big-ip domain name system
- version/f5 big-ip domain name system/13.0.0
- version/f5 big-ip domain name system/14.0.0
- version/f5 big-ip domain name system/15.0.0
- version/f5 big-ip domain name system/15.1.0
- version/f5 big-ip domain name system/16.0.0
- canonical/f5 big-ip edge gateway
- version/f5 big-ip edge gateway/13.0.0
- version/f5 big-ip edge gateway/14.0.0
- version/f5 big-ip edge gateway/15.0.0
- version/f5 big-ip edge gateway/15.1.0
- version/f5 big-ip edge gateway/16.0.0
- canonical/f5 big-ip fraud protection service
- version/f5 big-ip fraud protection service/13.0.0
- version/f5 big-ip fraud protection service/14.0.0
- version/f5 big-ip fraud protection service/15.0.0
- version/f5 big-ip fraud protection service/15.1.0
- version/f5 big-ip fraud protection service/16.0.0
- canonical/f5 big-ip global traffic manager
- version/f5 big-ip global traffic manager/13.0.0
- version/f5 big-ip global traffic manager/14.0.0
- version/f5 big-ip global traffic manager/15.0.0
- version/f5 big-ip global traffic manager/15.1.0
- version/f5 big-ip global traffic manager/16.0.0
- canonical/f5 big-ip link controller
- version/f5 big-ip link controller/13.0.0
- version/f5 big-ip link controller/14.0.0
- version/f5 big-ip link controller/15.0.0
- version/f5 big-ip link controller/15.1.0
- version/f5 big-ip link controller/16.0.0
- canonical/f5 big-ip local traffic manager
- version/f5 big-ip local traffic manager/13.0.0
- version/f5 big-ip local traffic manager/14.0.0
- version/f5 big-ip local traffic manager/15.0.0
- version/f5 big-ip local traffic manager/15.1.0
- version/f5 big-ip local traffic manager/16.0.0
- canonical/f5 big-ip policy enforcement manager
- version/f5 big-ip policy enforcement manager/13.0.0
- version/f5 big-ip policy enforcement manager/14.0.0
- version/f5 big-ip policy enforcement manager/15.0.0
- version/f5 big-ip policy enforcement manager/15.1.0
- version/f5 big-ip policy enforcement manager/16.0.0
- canonical/f5 big-ip webaccelerator
- version/f5 big-ip webaccelerator/13.0.0
- version/f5 big-ip webaccelerator/14.0.0
- version/f5 big-ip webaccelerator/15.0.0
- version/f5 big-ip webaccelerator/15.1.0
- version/f5 big-ip webaccelerator/16.0.0
- vendor/google
- canonical/google android
- package-manager/debian