CVE-2017-9780
In Flatpak before 0.8.7, a third-party app repository could include malicious apps that contain files with inappropriate permissions, for example setuid or world-writable. The files are deployed with those permissions, which would let a local attacker run the setuid executable or write to the world-writable location. In the case of the "system helper" component, files deployed as part of the app are owned by root, so in the worst case they could be setuid root.
Published
2017-06-21T15:29:00.177
Last Modified
2025-04-20T01:37:25.860
Status
Deferred
Source
[email protected]
Severity
CVSSv3.0: 7.8 (HIGH)
CVSSv2 Vector
AV:L/AC:L/Au:N/C:C/I:C/A:C
- Access Vector: LOCAL
- Access Complexity: LOW
- Authentication: NONE
- Confidentiality Impact: COMPLETE
- Integrity Impact: COMPLETE
- Availability Impact: COMPLETE
Exploitability Score
3.9
Impact Score
10.0
Weaknesses
Affected Vendors & Products
References
-
http://www.debian.org/security/2017/dsa-3895
Third Party Advisory
([email protected])
-
http://www.securityfocus.com/bid/99346
Third Party Advisory, VDB Entry
([email protected])
-
https://bugs.debian.org/865413
Issue Tracking, Patch, Third Party Advisory
([email protected])
-
https://github.com/flatpak/flatpak/issues/845
Issue Tracking, Patch, Third Party Advisory
([email protected])
-
http://www.debian.org/security/2017/dsa-3895
Third Party Advisory
(af854a3a-2127-422b-91ae-364da2661108)
-
http://www.securityfocus.com/bid/99346
Third Party Advisory, VDB Entry
(af854a3a-2127-422b-91ae-364da2661108)
-
https://bugs.debian.org/865413
Issue Tracking, Patch, Third Party Advisory
(af854a3a-2127-422b-91ae-364da2661108)
-
https://github.com/flatpak/flatpak/issues/845
Issue Tracking, Patch, Third Party Advisory
(af854a3a-2127-422b-91ae-364da2661108)