FeedlyFeedly
CVEsCVEs
Threat IntelligenceThreat Intelligence
Threat IntelligenceThreat Intelligence
Log in
ChangelogChangelog
ChangelogChangelog
Log in
Log in
Start Free Trial
Start Free Trial
FeedlyFeedly
CVEsCVEs
Threat IntelligenceThreat Intelligence
Threat IntelligenceThreat Intelligence
Log in
ChangelogChangelog
ChangelogChangelog
Log in
Log in
Start Free Trial
Start Free Trial

CVE-2024-5742

Insecure Temporary File (CWE-377)

Published: Jun 12, 2024 / Updated: 5mo ago

010
CVSS 6.7EPSS 0.04%Medium
CVE info copied to clipboard

Summary

A vulnerability in GNU Nano allows a possible privilege escalation through an insecure temporary file. If Nano is killed while editing, it saves an emergency file with the permissions of the running user, providing an opportunity for attackers to escalate privileges through a malicious symlink.

Impact

An attacker can potentially gain higher privileges on the system by creating a symlink pointing to a sensitive file and tricking Nano into writing data to it during an emergency save. This can lead to unauthorized access, data tampering, or further compromises. The vulnerability affects GNU Nano versions from 2.2.0 up to but not including 8.0. It also impacts various versions of Red Hat Enterprise Linux (6.0, 7.0, 8.0, and 9.0).

Exploitation

There is no evidence that a public proof-of-concept exists. There is no evidence of proof of exploitation at the moment.

Patch

While there is no explicit patch information provided, security teams should monitor for and apply the latest version of GNU Nano once a fix is released. The vulnerability affects versions from 2.2.0 up to but not including 8.0, so updating to version 8.0 or later (when available) should address this issue.

Mitigation

As a mitigation, restrict access to Nano or disable it entirely if not required. Also, follow least privilege principles, run Nano with minimal permissions, and monitor temporary file creation on the system. For affected Red Hat Enterprise Linux versions, check the provided Red Hat Security Advisory (https://access.redhat.com/security/cve/CVE-2024-5742) for specific mitigation steps or patches.

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

Timeline

First Article

Feedly found the first article mentioning CVE-2024-5742. See article

Jun 7, 2024 at 5:41 PM / VulDB Recent Entries
CVSS Estimate

Feedly estimated the CVSS score as HIGH

Jun 7, 2024 at 5:41 PM
CVE Assignment

NVD published the first details for CVE-2024-5742

Jun 12, 2024 at 9:15 AM
CVSS

A CVSS base score of 4.7 has been assigned.

Jun 12, 2024 at 9:20 AM / nvd
CVSS Estimate

Feedly estimated the CVSS score as MEDIUM

Jun 12, 2024 at 9:24 AM
Detection in Vulnerability Scanners

Detection for the vulnerability has been added to Nessus (200394)

Jun 12, 2024 at 11:15 AM
Trending

This CVE started to trend in security discussions

Jun 12, 2024 at 1:10 PM
EPSS

EPSS Score was set to: 0.04% (Percentile: 9%)

Jun 13, 2024 at 3:51 PM
Trending

This CVE stopped trending in security discussions

Jun 14, 2024 at 12:40 AM
Static CVE Timeline Graph

Affected Systems

Redhat/enterprise_linux
+null more

Patches

access.redhat.com
+null more

Links to Mitre Att&cks

T1547.009: Shortcut Modification
+null more

Attack Patterns

CAPEC-155: Screen Temporary Files for Sensitive Information
+null more

References

RHSA-2024:9430: Low: nano security update
Red Hat security updates / 7d
An update for nano is now available for Red Hat Enterprise Linux 9.Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.5 Release Notes linked from the References section.
RHSA-2024:6986: Low: nano security update
Red Hat security updates / 57d
An update for nano is now available for Red Hat Enterprise Linux 8.Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Red Hat Enterprise Linux for Power, little endian 8 ppc64le

News

KRB5, Python, Libvirt, and more updates for AlmaLinux
Linux Compatible / 22h
The virt:rhel module contains packageswhich provide user-space components used to run virtual machines using KVM.The packages also provide APIs for managing and interacting with the virtualized systems. Full details, updated packages, references, and other related information: https://errata.almalinux.org/9/ALSA-2024-9452.html
redhat RHSA-2024:9430: RHSA-2024:9430: nano security update (Low)
Recently Released Plugin Pipeline from Tenable / 7d
Released Last Updated: 11/12/2024 CVEs: CVE-2024-5742 Plugins: 210805
RHEL 9 : nano (RHSA-2024:9430)
Newest Nessus Plugins from Tenable / 7d
Nessus Plugin ID 210805 with Medium Severity Synopsis The remote Red Hat host is missing a security update for nano. Description The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:9430 advisory. GNU nano is a small and friendly text editor. Security Fix(es): * nano: running `chmod` and `chown` on the filename allows malicious user to replace the emergency file with a malicious symlink to a root-owned file (CVE-2024-5742) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.5 Release Notes linked from the References section. Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Red Hat Enterprise Linux 9 update for nano
Security feed from CyberSecurity Help / 7d
Successful exploitation of this vulnerability may result in privilege escalation. The vulnerability allows a local user to escalate privileges on the system.
RHSA-2024:9430: Low: nano security update
Red Hat security updates / 7d
An update for nano is now available for Red Hat Enterprise Linux 9.Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.5 Release Notes linked from the References section.
See 41 more articles and social media posts

CVSS V3.1

Attack Vector:Local
Attack Complexity:High
Privileges Required:Low
User Interaction:Required
Scope:Unchanged
Confidentiality:High
Integrity:High
Availability Impact:High

Categories

CVSS 6.7(29815)CWE-377(68)CWE-59(1181)Redhat(5492)Gnu(1102)

Be the first to know about critical vulnerabilities

Collect, analyze, and share vulnerability reports faster using AI

Feedly Threat Intelligence30-day free trial