Ubuntu: (Multiple Advisories) (CVE-2018-13405): Linux kernel (Azure, GCP, OEM) vulnerabilities
Description
The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. Here, the non-member can trigger creation of a plain file whose group ownership is that group. The intended behavior was that the non-member can trigger creation of a directory (but not a plain file) whose group ownership is that group. The non-member can escalate privileges by making the plain file executable and SGID.
Solution(s)
- ubuntu-upgrade-linux-image-3-13-0-157-generic
- ubuntu-upgrade-linux-image-3-13-0-157-generic-lpae
- ubuntu-upgrade-linux-image-3-13-0-157-lowlatency
- ubuntu-upgrade-linux-image-3-13-0-157-powerpc-e500
- ubuntu-upgrade-linux-image-3-13-0-157-powerpc-e500mc
- ubuntu-upgrade-linux-image-3-13-0-157-powerpc-smp
- ubuntu-upgrade-linux-image-3-13-0-157-powerpc64-emb
- ubuntu-upgrade-linux-image-3-13-0-157-powerpc64-smp
- ubuntu-upgrade-linux-image-4-15-0-1017-oem
- ubuntu-upgrade-linux-image-4-15-0-1018-gcp
- ubuntu-upgrade-linux-image-4-15-0-1020-aws
- ubuntu-upgrade-linux-image-4-15-0-1020-kvm
- ubuntu-upgrade-linux-image-4-15-0-1021-raspi2
- ubuntu-upgrade-linux-image-4-15-0-1022-azure
- ubuntu-upgrade-linux-image-4-15-0-33-generic
- ubuntu-upgrade-linux-image-4-15-0-33-generic-lpae
- ubuntu-upgrade-linux-image-4-15-0-33-lowlatency
- ubuntu-upgrade-linux-image-4-15-0-33-snapdragon
- ubuntu-upgrade-linux-image-4-4-0-1028-aws
- ubuntu-upgrade-linux-image-4-4-0-1032-kvm
- ubuntu-upgrade-linux-image-4-4-0-1066-aws
- ubuntu-upgrade-linux-image-4-4-0-1095-raspi2
- ubuntu-upgrade-linux-image-4-4-0-1099-snapdragon
- ubuntu-upgrade-linux-image-4-4-0-134-generic
- ubuntu-upgrade-linux-image-4-4-0-134-generic-lpae
- ubuntu-upgrade-linux-image-4-4-0-134-lowlatency
- ubuntu-upgrade-linux-image-4-4-0-134-powerpc-e500mc
- ubuntu-upgrade-linux-image-4-4-0-134-powerpc-smp
- ubuntu-upgrade-linux-image-4-4-0-134-powerpc64-emb
- ubuntu-upgrade-linux-image-4-4-0-134-powerpc64-smp
- ubuntu-upgrade-linux-image-aws
- ubuntu-upgrade-linux-image-azure
- ubuntu-upgrade-linux-image-azure-edge
- ubuntu-upgrade-linux-image-gcp
- ubuntu-upgrade-linux-image-generic
- ubuntu-upgrade-linux-image-generic-hwe-16-04
- ubuntu-upgrade-linux-image-generic-lpae
- ubuntu-upgrade-linux-image-generic-lpae-hwe-16-04
- ubuntu-upgrade-linux-image-generic-lpae-lts-xenial
- ubuntu-upgrade-linux-image-generic-lts-xenial
- ubuntu-upgrade-linux-image-gke
- ubuntu-upgrade-linux-image-kvm
- ubuntu-upgrade-linux-image-lowlatency
- ubuntu-upgrade-linux-image-lowlatency-hwe-16-04
- ubuntu-upgrade-linux-image-lowlatency-lts-xenial
- ubuntu-upgrade-linux-image-oem
- ubuntu-upgrade-linux-image-powerpc-e500
- ubuntu-upgrade-linux-image-powerpc-e500mc
- ubuntu-upgrade-linux-image-powerpc-e500mc-lts-xenial
- ubuntu-upgrade-linux-image-powerpc-smp
- ubuntu-upgrade-linux-image-powerpc-smp-lts-xenial
- ubuntu-upgrade-linux-image-powerpc64-emb
- ubuntu-upgrade-linux-image-powerpc64-emb-lts-xenial
- ubuntu-upgrade-linux-image-powerpc64-smp
- ubuntu-upgrade-linux-image-powerpc64-smp-lts-xenial
- ubuntu-upgrade-linux-image-raspi2
- ubuntu-upgrade-linux-image-snapdragon
- Lightweight Endpoint Agent
- Live Dashboards
- Real Risk Prioritization
- IT-Integrated Remediation Projects
- Cloud, Virtual, and Container Assessment
- Integrated Threat Feeds
- Easy-to-Use RESTful API
- Automation-Assisted Patching
- Automated Containment
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center