CVE-2021-32555

Improper Link Resolution Before File Access ('Link Following') (CWE-59)

Published: Jun 12, 2021 / Updated: 41mo ago

010
CVSS 5.5EPSS 0.04%Medium
CVE info copied to clipboard

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the xorg-hwe-18.04 package apport hooks, it could expose private data to other local users.

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Timeline

First Article

Feedly found the first article mentioning CVE-2021-32555. See article

May 25, 2021 at 7:17 PM / vulners.com
EPSS

EPSS Score was set to: 0.04% (Percentile: 5.7%)

Sep 23, 2023 at 12:39 PM
Static CVE Timeline Graph

Affected Systems

Canonical/ubuntu_linux
+null more

Patches

bugs.launchpad.net
+null more

Links to Mitre Att&cks

T1547.009: Shortcut Modification
+null more

Attack Patterns

CAPEC-132: Symlink Attack
+null more

News

Vulnerability Summary for the Week of June 14, 2021
Original release date: June 21, 2021 High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & Patch Info bloofox -- bloofoxcms bloofoxCMS 0.5.2.1 is infected with Unrestricted File Upload that allows attackers to upload malicious files (ex: php files). 2021-06-16 7.5 CVE-2020-35760 MISC google -- android In avrc_msg_cback of avrc_api.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-177611958 2021-06-11 10 CVE-2021-0474 MISC google -- android In memory management driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed.
Low CVE-2021-32555: Canonical Ubuntu linux
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the xorg-hwe-18.04 package apport hooks, it could expose private data to other local users. CVSS Base Score Impact Subscore Exploitability Subscore
New post from (CVE-2021-32555 (ubuntu_linux)) has been published on
New post from sesin.at (CVE-2021-32555 (ubuntu_linux)) has been published on sesin.at/2021/06/16/cve… - www.sesin.at (@www_sesin_at) 08:20 - Jun 16, 2021
🚨 NEW: CVE-2021-32555 🚨 It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the xorg-hwe-18.04 package apport hooks, it could expose pr... (click for more) Severity: MEDIUM
🚨 NEW: CVE-2021-32555 🚨 It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the xorg-hwe-18.04 package apport hooks, it could expose pr... (click for more) Severity: MEDIUM nvd.nist.gov/vuln/detail/CV… - Threat Intel Center (@threatintelctr) 06:30 - Jun 16, 2021
Vulnerability Summary for the Week of June 7, 2021
Original release date: June 14, 2021 High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & Patch Info aomedia -- aomedia aom_dsp/noise_model.c in libaom in AOMedia before 2021-03-24 has a buffer overflow. 2021-06-04 7.5 CVE-2021-30475 MISC MISC broadcom -- sannav Webtools in Brocade SANnav before version 2.1.1 allows unauthenticated users to make requests to arbitrary hosts due to a misconfiguration; this is commonly referred to as Server-Side Request Forgery (SSRF). 2021-06-09 7.5 CVE-2020-15377 MISC chiyu-tech -- bf-430_firmware An authentication bypass in telnet server in BF-430 and BF431 232/422 TCP/IP Converter, BF-450M and SEMAC from CHIYU Technology Inc allows obtaining a privileged connection with the target device by supplying a specially malformed request and an attacker may force the remote telnet server to believe that the user has already authenticated. 2021-06-04 7.5 CVE-2021-31251 CONFIRM MISC MISC linux -- linux_kernel The eBPF RINGBUF bpf_ringbuf_reserve() function in the Linux kernel did not check that the allocated size was smaller than the ringbuf size, allowing an attacker to perform out-of-bounds writes within the kernel and therefore, arbitrary code execution. This issue was fixed via commit 4b81ccebaeee ("bpf, ringbuf: Deny reserve of buffers larger than ringbuf") (v5.13-rc4) and backported to the stable kernels in v5.12.4, v5.11.21, and v5.10.37. It was introduced via 457f44363a88 ("bpf: Implement BPF ring buffer and verifier support for it") (v5.8-rc1). 2021-06-04 7.2 CVE-2021-3489 MISC UBUNTU UBUNTU MISC MLIST linux -- linux_kernel The eBPF ALU32 bounds tracking for bitwise ops (AND, OR and XOR) in the Linux kernel did not properly update 32-bit bounds, which could be turned into out of bounds reads and writes in the Linux kernel and therefore, arbitrary code execution.
See 27 more articles and social media posts

CVSS V3.1

Attack Vector:Local
Attack Complexity:Low
Privileges Required:Low
User Interaction:None
Scope:Unchanged
Confidentiality:High
Integrity:None
Availability Impact:None

Categories

Be the first to know about critical vulnerabilities

Collect, analyze, and share vulnerability reports faster using AI