CVE-2019-12779 — Link Following in Libqb

CWE-59 — Link Following CWE-377 — Insecure Temporary File6 documents6 sources

Severity

7.1HIGHNVD

EPSS

0.0%

top 91.02%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Clusterlabs Libqb Debian Libqb

Timeline

PublishedJun 7

Latest updateMay 24

Description

libqb before 1.0.5 allows local users to overwrite arbitrary files via a symlink attack, because it uses predictable filenames (under /dev/shm and /tmp) without O_EXCL.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:HExploitability: 1.8 | Impact: 5.2

Affected Packages3 packages

▶debiandebian/libqb< libqb 1.0.4-1 (bookworm)

▶NVDclusterlabs/libqb< 1.0.5

▶Debianclusterlabs/libqb< 1.0.4-1+3

Patches

Patch: bugzilla.redhat.com ↗Patch: github.com ↗Patch: bugzilla.redhat.com ↗

🔴Vulnerability Details

GHSA

GHSA-wc62-h53h-g8qf: libqb before 1↗2022-05-24

▶

OSV

CVE-2019-12779: libqb before 1↗2019-06-07

▶

📋Vendor Advisories

Red Hat

libqb: Insecure treatment of IPC (temporary) files↗2019-04-03

▶

Debian

CVE-2019-12779: libqb - libqb before 1.0.5 allows local users to overwrite arbitrary files via a symlink...↗2019

▶

💬Community

Bugzilla

CVE-2019-12779 libqb: Insecure treatment of IPC (temporary) files↗2019-04-03

▶