CVE-2018-12615: Incorrect Permission Assignment in Passenger

Severity: 5.3 MEDIUM (NVD)
EPSS: 0.2% (top 58.07%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline
Published: Jun 21
Latest update: May 13

Description

An issue was discovered in switchGroup() in agent/ExecHelper/ExecHelperMain.cpp in Phusion Passenger before 5.3.2. The set of groups (gidset) is not set correctly, leaving it up to randomness (i.e., uninitialized memory) which supplementary groups are actually being set while lowering privileges.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Exploitability: 3.9 | Impact: 1.4

Affected Packages (2 packages)

NVD: phusion/passenger < 5.3.2
RubyGems: phusion/passenger < 5.3.2

Patches

🔴 Vulnerability Details (3)

OSV: Phusion Passenger incorrect permission assignment (2022-05-13)
GHSA: Phusion Passenger incorrect permission assignment (2022-05-13)
CVEList: CVE-2018-12615: An issue was discovered in switchGroup() in agent/ExecHelper/ExecHelperMain (2018-06-21)

📋 Vendor Advisories (2)

Red Hat: passenger: privilege lowering in switchGroup() in agent/ExecHelper/ExecHelperMain.cpp (2018-05-29)
Debian: CVE-2018-12615: passenger - An issue was discovered in switchGroup() in agent/ExecHelper/ExecHelperMain.cpp ... (2018)

💬 Community (3)

Bugzilla: CVE-2018-12615 passenger: privilege lowering in switchGroup() in agent/ExecHelper/ExecHelperMain.cpp (2018-06-22)
Bugzilla: CVE-2018-12615 passenger: privilege lowering in switchGroup() in agent/ExecHelper/ExecHelperMain.cpp [epel-7] (2018-06-22)
Bugzilla: CVE-2018-12615 passenger: privilege lowering in switchGroup() in agent/ExecHelper/ExecHelperMain.cpp [fedora-all] (2018-06-22)