nordugrid-arc-wn 6.14.0 DoS/LPE.
[Suggested description] NorduGrid nordugrid-arc-wn 6.14.0 ships the arc-job-cgroup SUID binary, which is vulnerable to a path traversal attack. Combined with a race condition, an attacker can write the ppid to any file, as long as the file is writable by the root user.
[Vulnerability Type] Directory Traversal
[Vendor of Product] NorduGrid
[Affected Product Code Base] nordugrid-arc-wn - 6.14.0
[Affected Component]
Affected executable: arc-job-cgroup
Affected function: main
Affected line of code: ncopied = snprintf(cgroup_path, FILENAME_MAX, "%s%s/%s", cgroup_root, controller_path, cgroup_name);
[Attack Type] Local
[Impact Denial of Service] true
[Impact Escalation of Privileges] true
[Impact Information Disclosure] true
[Attack Vectors] To exploit the vulnerability, nordugrid-arc-wn must be installed on the system and a bogus path has to be given to the SUID binary.
[Reference] https://www.nordugrid.org/
[Discoverer] Maher Azzouzi
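
The affected snprintf call concatenates three strings into the path that the SUID binary then writes to. The following is an added example, not code from the NorduGrid project, of validating the components before that concatenation. The function names and sample inputs are constructed, and it assumes that both controller_path and cgroup_name are untrusted, since the advisory does not say which one carries the bogus path.

```c
#include <stdio.h>
#include <string.h>

/* Return 1 if the segment s[0..len) is ".." (a parent-directory reference). */
static int is_dotdot(const char *s, size_t len) {
    return len == 2 && s[0] == '.' && s[1] == '.';
}

/* Return 1 if no '/'-separated segment of rel is "..". */
int relpath_is_contained(const char *rel) {
    while (*rel) {
        size_t len = strcspn(rel, "/");
        if (is_dotdot(rel, len)) return 0;
        rel += len;
        if (*rel == '/') rel++;
    }
    return 1;
}

/* Return 1 if name is one non-empty path component other than "." or "..". */
int component_is_safe(const char *name) {
    if (name[0] == '\0' || strchr(name, '/') != NULL) return 0;
    return strcmp(name, ".") != 0 && strcmp(name, "..") != 0;
}

/* Build "<root><controller_path>/<name>" into out. Returns 0 on success,
 * -1 if an input could escape root or the result was truncated. */
int build_cgroup_path(char *out, size_t outlen, const char *root,
                      const char *controller_path, const char *name) {
    if (!relpath_is_contained(controller_path) || !component_is_safe(name))
        return -1;
    int n = snprintf(out, outlen, "%s%s/%s", root, controller_path, name);
    if (n < 0 || (size_t)n >= outlen)
        return -1; /* a truncated path must never be opened */
    return 0;
}

int main(void) {
    char path[4096];
    /* Constructed sample inputs, not taken from the advisory. */
    const char *names[] = { "job-1234", "../../outside", ".." };
    for (size_t i = 0; i < 3; i++) {
        int rc = build_cgroup_path(path, sizeof path, "/sys/fs/cgroup/memory",
                                   "/grp/uid_1000", names[i]);
        printf("%-16s -> %s\n", names[i], rc == 0 ? path : "rejected");
    }
    return 0;
}
```

These checks are lexical only and do not cover a path component being replaced by a symlink between check and use. Opening each component with openat() and O_NOFOLLOW, and writing through the resulting descriptor, addresses that part.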