Description

An issue was discovered in switchGroup() in agent/ExecHelper/ExecHelperMain.cpp in Phusion Passenger before 5.3.2. The set of groups (gidset) is not set correctly, leaving it up to randomness (i.e., uninitialized memory) which supplementary groups are actually being set while lowering privileges.

Remediation

References

CVE-2018-12615

Related Vulnerabilities

Apache Tomcat Resource Management Errors Vulnerability (CVE-2011-4858)

ownCloud Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-5876)

PHP Reliance on Cookies without Validation and Integrity Checking Vulnerability (CVE-2020-7070)

Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-3472)

Atlassian Jira URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2021-39112)

Severity

Medium

Classification

CVE-2018-12615 CWE-732 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Tags

Missing Update Known Vulnerabilities