CVE-2023-30630 — Relative Path Traversal in Dmidecode

CWE-23 — Relative Path Traversal CWE-269 — Improper Privilege Management7 documents6 sources

Severity

7.1HIGHNVD

OSV6.5

EPSS

0.0%

top 87.84%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Nongnu Dmidecode Debian Dmidecode Msrc Cbl2 Dmidecode 3.5-1 ON CBL Mariner 2.0 +2 more

Timeline

PublishedApr 13

Latest updateApr 25

Description

Dmidecode before 3.5 allows -dump-bin to overwrite a local file. This has security relevance because, for example, execution of Dmidecode via Sudo is plausible. NOTE: Some third parties have indicated the fix in 3.5 does not adequately address the vulnerability. The argument is that the proposed patch prevents dmidecode from writing to an existing file. However, there are multiple attack vectors that would not require overwriting an existing file that would provide the same level of unauthorized…

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:HExploitability: 1.8 | Impact: 5.2

Affected Packages6 packages

▶NVDnongnu/dmidecode< 3.5

▶debiandebian/dmidecode< dmidecode 3.5-1 (forky)

▶Debiannongnu/dmidecode< 3.5-1+1

▶msrcmsrc/cbl2_dmidecode_3.5-1_on_cbl_mariner_2.0

▶msrcmsrc/cbl_mariner_2.0_arm

Patches

Patch: lists.nongnu.org ↗Patch: lists.nongnu.org ↗

🔴Vulnerability Details

OSV

golang-1.18 vulnerabilities↗2023-04-25

▶

OSV

CVE-2023-30630: Dmidecode before 3↗2023-04-13

▶

GHSA

GHSA-9r2p-xmm5-5ppg: Dmidecode before 3↗2023-04-13

▶

📋Vendor Advisories

Red Hat

dmidecode: dump-bin to overwrite a local file↗2023-04-13

▶

Microsoft

Dmidecode before 3.5 allows -dump-bin to overwrite a local file. This has security relevance because for example execution of Dmidecode via Sudo is plausible.↗2023-04-11

▶

Debian

CVE-2023-30630: dmidecode - Dmidecode before 3.5 allows -dump-bin to overwrite a local file. This has securi...↗2023

▶