CVE-2021-25317: cups: ownership of /var/log/cups allows the lp user to create files as root
First published: Wed May 05 2021(Updated: )
A Incorrect Default Permissions vulnerability in the packaging of cups of SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Manager Server 4.0, SUSE OpenStack Cloud Crowbar 9; openSUSE Leap 15.2, Factory allows local attackers with control of the lp users to create files as root with 0644 permissions without the ability to set the content. This issue affects: SUSE Linux Enterprise Server 11-SP4-LTSS cups versions prior to 1.3.9. SUSE Manager Server 4.0 cups versions prior to 2.2.7. SUSE OpenStack Cloud Crowbar 9 cups versions prior to 1.7.5. openSUSE Leap 15.2 cups versions prior to 2.2.7. openSUSE Factory cups version 2.3.3op2-2.1 and prior versions.
Credit: meissner@suse.de
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Suse Cups | <1.3.9 | |
| SUSE Linux Enterprise Server | =11-sp4 | |
| Fedoraproject Fedora | =32 | |
| Fedoraproject Fedora | =33 | |
| Fedoraproject Fedora | =34 | |
| Suse Cups | <2.2.7 | |
| SUSE Manager Server | =4.0 | |
| Suse Cups | <1.7.5 | |
| SUSE OpenStack Cloud Crowbar | =9.0 | |
| openSUSE Leap | =15.2 | |
| Suse Cups | <=2.3.3op2-2.1 | |
| openSUSE Factory |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://bugzilla.suse.com/show_bug.cgi?id=1184161
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GWPGZLT3U776Q5YPPSA6LGFWWBDWBVH3/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H74BP746O5NNVCBUTLLZYAFBPESFVECV/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S37IDQGHTORQ3Z6VRDQIGBYVOI27YG47/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H74BP746O5NNVCBUTLLZYAFBPESFVECV/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S37IDQGHTORQ3Z6VRDQIGBYVOI27YG47/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GWPGZLT3U776Q5YPPSA6LGFWWBDWBVH3/
Frequently Asked Questions
What is CVE-2021-25317?
CVE-2021-25317 is an Incorrect Default Permissions vulnerability in the packaging of cups of SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Manager Server 4.0, SUSE OpenStack Cloud Crowbar 9; openSUSE Leap 15.2, Factory.
What is the severity of CVE-2021-25317?
CVE-2021-25317 has a severity level of 3.3 (low).
How can the local attackers exploit CVE-2021-25317?
Local attackers with control of the lp users can exploit CVE-2021-25317 to create files as root with 0644 permissions.
Which software versions are affected by CVE-2021-25317?
Suse Cups versions up to 1.3.9, Suse Cups versions up to 2.2.7, Suse Cups versions up to 1.7.5, Suse Cups versions up to 2.3.3op2-2.1 are affected by CVE-2021-25317.
Are there any known fixes for CVE-2021-25317?
There is no known fix for CVE-2021-25317 at the moment.
- agent/type
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/weakness
- agent/author
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/last-modified-date
- agent/severity
- agent/title
- agent/tags
- agent/first-publish-date
- agent/event
- vendor/suse
- canonical/suse cups
- canonical/suse linux enterprise server
- version/suse linux enterprise server/11-sp4
- vendor/fedoraproject
- canonical/fedoraproject fedora
- version/fedoraproject fedora/32
- version/fedoraproject fedora/33
- version/fedoraproject fedora/34
- canonical/suse manager server
- version/suse manager server/4.0
- canonical/suse openstack cloud crowbar
- version/suse openstack cloud crowbar/9.0
- vendor/opensuse
- canonical/opensuse leap
- version/opensuse leap/15.2
- version/suse cups/2.3.3op2-2.1
- canonical/opensuse factory