Stay Secure with the Latest Linux Advisories

security advisorygentooprivilege escalation

Gentoo GLSA-201804-18 Normal: Tenshi Privilege Escalation Risk

Gentoo's tenshi ebuild is vulnerable to privilege escalation due to the way pid files are handled.. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201804-18 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: tenshi: Privilege escalation Date: April 22, 2018 Bugs: #626654 ID: 201804-18 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======= Gentoo's tenshi ebuild is vulnerable to privilege escalation due to the way pid files are handled. Background ========= A log monitoring program, designed to watch one or more log files for lines matching user defined regular expressions and report on the matches. Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 app-admin/tenshi < 0.17 > = 0.17 Description ========== It was discovered that the tenshi ebuild creates a tenshi.pid file after dropping privileges to a non-root account. Impact ===== A local attacker could escalate privileges to root or kill arbitrary processes. Workaround ========= There is no known workaround at this time. Resolution ========= All tenshi users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose "> =app-admin/tenshi-0.17" References ========= [ 1 ] CVE-2017-11746 https://nvd.nist.gov/vuln/detail/CVE-2017-11746 Availability =========== This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201804-18 Concerns? ======== Security is a primary focus of Gentoo Linuxand ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to This email address is being protected from spambots. You need JavaScript enabled to view it. or alternatively, you may file a bug at https://bugs.gentoo.org. License ====== Copyright 2018 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5/ . Gentoo GLSA-202104-27 outlines a security vulnerability in the ninja's build scripts that arises from incorrect file permission settings.. Gentoo Security,Tenshi Privilege Escalation,PID Files. . LinuxSecurity.com Team

Apr 22, 2018 Gentoo