CVE-2024-5742

CWE-59 CWE-3779 documents8 sources

Severity

6.7MEDIUM

EPSS

0.1%

top 75.03%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

GNU Nano Redhat Enterprise Linux

Timeline

PublishedJun 12

Latest updateOct 29

Description

A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file. If Nano is killed while editing, a file it saves to an emergency file with the permissions of the running user provides a window of opportunity for attackers to escalate privileges through a malicious symlink.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:HExploitability: 0.8 | Impact: 5.9

Affected Packages2 packages

▶NVDgnu/nano2.2.0 — 8.0

▶Debiannano< 5.4-2+deb11u3+3

Also affects: Enterprise Linux 6.0, 7.0, 8.0, 9.0

🔴Vulnerability Details

GHSA

GHSA-ffhx-2rrf-9c23: A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file↗2024-06-12

▶

CVEList

Nano: running `chmod` and `chown` on the filename allows malicious user to replace the emergency file with a malicious symlink to a root-owned file↗2024-06-12

▶

OSV

CVE-2024-5742: A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file↗2024-06-12

▶

📋Vendor Advisories

Ubuntu

nano vulnerability↗2024-10-29

▶

Ubuntu

nano vulnerability↗2024-10-15

▶

Microsoft

Nano: running `chmod` and `chown` on the filename allows malicious user to replace the emergency file with a malicious symlink to a root-owned file↗2024-06-11

▶

Red Hat

nano: running `chmod` and `chown` on the filename allows malicious user to replace the emergency file with a malicious symlink to a root-owned file↗2024-04-28

▶

Debian

CVE-2024-5742: nano - A vulnerability was found in GNU Nano that allows a possible privilege escalatio...↗2024

▶