SB2021020416 - Incorrect permission assignment for critical resource in doas (Alpine package)




Published: February 4, 2021

Security Bulletin ID: SB2021020416
Severity: High
Patch available: YES
Number of vulnerabilities: 1
Exploitation vector: Remote access
Highest impact: Code execution

Breakdown by Severity

High 100%

Description

This security bulletin contains information about 1 security vulnerability.


1) Incorrect permission assignment for critical resource (CVE-ID: CVE-2019-25016)

The vulnerability allows a remote authenticated user to execute arbitrary code.

In OpenDoas from 6.6 to 6.8, the user's PATH variable was incorrectly inherited by authenticated executions if the authenticating rule allowed the user to execute any command. Rules that only allowed the authenticated user to execute specific commands were not affected by this issue.
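To see which rules on a host running OpenDoas 6.6 to 6.8 fall into the affected class, the following audit sketch lists `permit` rules that have no `cmd` restriction. It is an added example, not code from this bulletin or from OpenDoas; the function name `unrestricted_permit_rules` and the sample configuration are hypothetical, and it assumes one rule per line (no backslash continuations).

```python
import re
import shlex

# Rule options that may precede the identity in a doas.conf rule.
OPTIONS = {"nopass", "nolog", "persist", "keepenv"}
SETENV = re.compile(r"setenv\s*\{[^}]*\}")

# Constructed sample configuration (not taken from any real system).
SAMPLE = """\
# constructed doas.conf for illustration
permit persist :wheel
permit nopass keepenv setenv { PATH } alice as root
permit nopass bob as root cmd /sbin/reboot
deny carol
permit setenv { cmd=x } dave cmd /usr/bin/apk args update
"""


def unrestricted_permit_rules(conf_text):
    """Return (line_no, identity, rule) for permit rules without `cmd`."""
    findings = []
    for line_no, raw in enumerate(conf_text.splitlines(), 1):
        # Drop setenv { ... } so its contents are not read as keywords.
        tokens = shlex.split(SETENV.sub(" ", raw), comments=True)
        if not tokens or tokens[0] != "permit":
            continue  # blank line, comment, or deny rule
        body = tokens[1:]
        while body and body[0] in OPTIONS:
            body.pop(0)  # skip leading options to reach the identity
        if not body:
            continue  # malformed rule with no identity
        # A rule with no `cmd` keyword lets the identity run any command,
        # which is the rule class the bulletin describes as affected.
        if "cmd" not in body:
            findings.append((line_no, body[0], raw.strip()))
    return findings


if __name__ == "__main__":
    for line_no, identity, rule in unrestricted_permit_rules(SAMPLE):
        print(f"line {line_no}: {identity} may run any command -> {rule}")
```

To audit a real host, pass the contents of its doas configuration file to the function in place of `SAMPLE`.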


Remediation

Install update from vendor's website.