fileio.c in Vim prior to 8.0.1263 sets the group ownership of a .swp file to the editor's primary group (which may be different from the group ownership of the original file), which allows local users to obtain sensitive information by leveraging an applicable group membership, as demonstrated by /etc/shadow owned by root:shadow mode 0640, but /etc/.shadow.swp owned by root:users mode 0640, a different vulnerability than CVE-2017-1000382.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
21 Nov 2024, 03:17
Type | Values Removed | Values Added |
---|---|---|
References | () http://openwall.com/lists/oss-security/2017/11/27/2 - Mailing List | |
References | () http://security.cucumberlinux.com/security/details.php?id=166 - Issue Tracking, Third Party Advisory | |
References | () https://github.com/vim/vim/commit/5a73e0ca54c77e067c3b12ea6f35e3e8681e8cf8 - Patch, Third Party Advisory | |
References | () https://groups.google.com/d/msg/vim_dev/sRT9BtjLWMk/BRtSXNU4BwAJ - Issue Tracking, Mailing List, Third Party Advisory | |
References | () https://lists.debian.org/debian-lts-announce/2019/08/msg00003.html - Mailing List, Third Party Advisory | |
References | () https://lists.debian.org/debian-lts-announce/2022/01/msg00003.html - Mailing List, Third Party Advisory | |
References | () https://usn.ubuntu.com/4582-1/ - Third Party Advisory |
Information
Published : 2017-12-01 08:29
Updated : 2024-11-21 03:17
NVD link : CVE-2017-17087
Mitre link : CVE-2017-17087
CVE.ORG link : CVE-2017-17087
JSON object : View
Products Affected
canonical
- ubuntu_linux
vim
- vim
debian
- debian_linux
CWE
CWE-668
Exposure of Resource to Wrong Sphere