CVE-2018-1000001 - In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be use

CVE-2018-1000001

Summary

In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a buffer underflow and potential code execution.

References

Vulnerable Configurations

cpe:2.3:a:gnu:glibc:-:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:-:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:-:*:*:*:*:*:x64:*
cpe:2.3:a:gnu:glibc:-:*:*:*:*:*:x64:*
cpe:2.3:a:gnu:glibc:0.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:0.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:0.4:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:0.4:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:0.4.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:0.4.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:0.5:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:0.5:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:0.6:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:0.6:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.00:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.00:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.01:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.01:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.02:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.02:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.03:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.03:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.04:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.04:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.05:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.05:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.06:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.06:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.06.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.06.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.06.2:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.06.2:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.06.3:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.06.3:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.06.4:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.06.4:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.06.6:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.06.6:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.06.7:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.06.7:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.06.8:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.06.8:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.06.9:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.06.9:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.06.10:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.06.10:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.06.11:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.06.11:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.06.12:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.06.12:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.06.13:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.06.13:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.07:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.07:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.07.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.07.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.07.2:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.07.2:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.07.3:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.07.3:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.07.4:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.07.4:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.07.5:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.07.5:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.07.6:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.07.6:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.08:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.08:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.08.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.08.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.08.3:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.08.3:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.08.4:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.08.4:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.08.5:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.08.5:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.08.6:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.08.6:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.08.7:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.08.7:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.08.8:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.08.8:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.08.9:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.08.9:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.08.10:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.08.10:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.08.11:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.08.11:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.08.12:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.08.12:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.08.13:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.08.13:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.08.14:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.08.14:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.09:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.09:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.09.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.09.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.09.2:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.09.2:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.09.3:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.09.3:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.09.5:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.09.5:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.0:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.0:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.0.3:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.0.3:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.0.4:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.0.4:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.0.5:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.0.5:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.0.6:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.0.6:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.1.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.1.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.1.1.6:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.1.1.6:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.1.2:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.1.2:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.1.3:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.1.3:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.1.3.10:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.1.3.10:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.1.9:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.1.9:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.2:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.2:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.2.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.2.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.2.2:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.2.2:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.2.3:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.2.3:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.2.4:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.2.4:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.2.5:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.2.5:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.3:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.3:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.3.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.3.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.3.2:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.3.2:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.3.3:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.3.3:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.3.4:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.3.4:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.3.5:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.3.5:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.3.6:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.3.6:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.3.10:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.3.10:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.4:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.4:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.5:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.5:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.5.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.5.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.6:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.6:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.6.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.6.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.7:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.7:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.8:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.8:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.9:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.9:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.10:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.10:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.10.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.10.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.10.2:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.10.2:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.11:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.11:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.11.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.11.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.11.2:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.11.2:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.11.3:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.11.3:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.12:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.12:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.12:*:*:*:*:*:x86:*
cpe:2.3:a:gnu:glibc:2.12:*:*:*:*:*:x86:*
cpe:2.3:a:gnu:glibc:2.12.0:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.12.0:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.12.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.12.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.12.2:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.12.2:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.13:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.13:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.14:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.14:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.14.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.14.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.15:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.15:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.16:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.16:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.17:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.17:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.17:*:*:*:*:*:x86:*
cpe:2.3:a:gnu:glibc:2.17:*:*:*:*:*:x86:*
cpe:2.3:a:gnu:glibc:2.18:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.18:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.18:*:*:*:*:*:x86:*
cpe:2.3:a:gnu:glibc:2.18:*:*:*:*:*:x86:*
cpe:2.3:a:gnu:glibc:2.19:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.19:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.20:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.20:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.20:*:*:*:*:*:x86:*
cpe:2.3:a:gnu:glibc:2.20:*:*:*:*:*:x86:*
cpe:2.3:a:gnu:glibc:2.21:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.21:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.22:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.22:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.22:*:*:*:*:*:x86:*
cpe:2.3:a:gnu:glibc:2.22:*:*:*:*:*:x86:*
cpe:2.3:a:gnu:glibc:2.23:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.23:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.24:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.24:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.25:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.25:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.26:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.26:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.26:*:*:*:*:*:x86:*
cpe:2.3:a:gnu:glibc:2.26:*:*:*:*:*:x86:*
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*
cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*

CVSS

Base:	7.2 (as of 03-10-2019 - 00:03)
Impact:
Exploitability:

CWE

CWE-787

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:L/AC:L/Au:N/C:C/I:C/A:C

redhat via4

advisories

bugzilla

id	1533836
title	CVE-2018-1000001 glibc: realpath() buffer underflow when getcwd() returns relative path allows privilege escalation

oval

comment Red Hat Enterprise Linux must be installed
oval oval:com.redhat.rhba:tst:20070304026

AND

comment Red Hat Enterprise Linux 7 is installed
oval oval:com.redhat.rhba:tst:20150364027

AND
comment glibc is earlier than 0:2.17-222.el7
oval oval:com.redhat.rhsa:tst:20180805001
comment glibc is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhba:tst:20120763002
AND
comment glibc-common is earlier than 0:2.17-222.el7
oval oval:com.redhat.rhsa:tst:20180805003
comment glibc-common is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhba:tst:20120763004
AND
comment glibc-devel is earlier than 0:2.17-222.el7
oval oval:com.redhat.rhsa:tst:20180805005
comment glibc-devel is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhba:tst:20120763006
AND
comment glibc-headers is earlier than 0:2.17-222.el7
oval oval:com.redhat.rhsa:tst:20180805007
comment glibc-headers is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhba:tst:20120763008
AND
comment glibc-static is earlier than 0:2.17-222.el7
oval oval:com.redhat.rhsa:tst:20180805009
comment glibc-static is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhba:tst:20120763010
AND
comment glibc-utils is earlier than 0:2.17-222.el7
oval oval:com.redhat.rhsa:tst:20180805011
comment glibc-utils is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhba:tst:20120763012
AND
comment nscd is earlier than 0:2.17-222.el7
oval oval:com.redhat.rhsa:tst:20180805013
comment nscd is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhba:tst:20120763014

rhsa

id	RHSA-2018:0805
released	2018-04-10
severity	Moderate
title	RHSA-2018:0805: glibc security, bug fix, and enhancement update (Moderate)

rpms

glibc-0:2.17-222.el7
glibc-common-0:2.17-222.el7
glibc-debuginfo-0:2.17-222.el7
glibc-debuginfo-common-0:2.17-222.el7
glibc-devel-0:2.17-222.el7
glibc-headers-0:2.17-222.el7
glibc-static-0:2.17-222.el7
glibc-utils-0:2.17-222.el7
nscd-0:2.17-222.el7

refmap via4

bid	102525
confirm	https://security.netapp.com/advisory/ntap-20190404-0003/
exploit-db	43775 44889
misc	https://www.halfdog.net/Security/2017/LibcRealpathBufferUnderflow/
mlist	[oss-security] 20180111 Libc Realpath Buffer Underflow CVE-2018-1000001
sectrack	1040162
ubuntu	USN-3534-1 USN-3536-1

Last major update

03-10-2019 - 00:03

Published

31-01-2018 - 14:29

Last modified

03-10-2019 - 00:03