Giters

MaherAzzouzi / CVE-2023-31443

nordugrid-arc-wn 6.14.0 DoS/LPE.

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

CVE-2023-31443

nordugrid-arc-wn 6.14.0 DoS/LPE.

[Suggested description] NorduGrid nordugrid-arc-wn 6.14.0 has the arc-job-cgroup SUID binary that is vulnerable to a path traversal attack. Combined with a race condition, the attacker can write the ppid to any file as long as the file is writable by the root user.

[Vulnerability Type] Directory Traversal

[Vendor of Product] NorduGrid

[Affected Product Code Base] nordugrid-arc-wn - 6.14.0

[Affected Component] Affected executable: arc-job-cgroup Affected function: main Affected line of code: ncopied = snprintf(cgroup_path, FILENAME_MAX, "%s%s/%s", cgroup_root, controller_path, cgroup_name);

[Attack Type] Local

[Impact Denial of Service] true

[Impact Escalation of Privileges] true

[Impact Information Disclosure] true

[Attack Vectors] To exploit the vulnerability, nordugrid-arc-wn must be installed on the system and a bogus path has to be given to the SUID binary.

[Reference] https://www.nordugrid.org/

[Discoverer] Maher Azzouzi

About

nordugrid-arc-wn 6.14.0 DoS/LPE.