CVE-2019-10143Execution with Unnecessary Privileges in Freeradius

CWE-250Execution with Unnecessary PrivilegesCWE-266Incorrect Privilege AssignmentCWE-362Race ConditionCWE-276Incorrect Default Permissions9 documents7 sources
Severity
7.0HIGHNVD
OSV4.4
EPSS
0.1%
top 77.36%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
FreeradiusFedoraproject FedoraRedhat Enterprise Linux
Timeline
PublishedMay 24
Latest updateMay 24

Description

It was discovered freeradius up to and including version 3.0.19 does not correctly configure logrotate, allowing a local attacker who already has control of the radiusd user to escalate his privileges to root, by tricking logrotate into writing a radiusd-writable file to a directory normally inaccessible by the radiusd user. NOTE: the upstream software maintainer has stated "there is simply no way for anyone to gain privileges through this alleged issue."

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.0 | Impact: 5.9

Affected Packages3 packages

Debianfreeradius/freeradius< 3.2.6+dfsg-3+1
CVEListV5freeradius/freeradiusaffects <= 3.0.19

Also affects: Fedora 29, 30, Enterprise Linux 8.0

🔴Vulnerability Details

4
GHSA
GHSA-5x22-w79m-34gq: It was discovered freeradius up to and including version 32022-05-24
OSV
mariadb vulnerabilities2019-11-20
CVEList
CVE-2019-10143: It was discovered freeradius up to and including version 32019-05-24
OSV
CVE-2019-10143: It was discovered freeradius up to and including version 32019-05-24

📋Vendor Advisories

2
Red Hat
freeradius: privilege escalation due to insecure logrotate configuration2019-05-01
Debian
CVE-2019-10143: freeradius - It was discovered freeradius up to and including version 3.0.19 does not correct...2019

💬Community

2
Bugzilla
CVE-2019-10143 freeradius: privilege escalation due to insecure logrotate configuration2019-05-02
Bugzilla
CVE-2019-10143 freeradius: privilege escalation due to insecure logrotate configuration [fedora-all]2019-05-02