CVE-2014-4038 : ppc64-diag 2.6.1 allows local users to overwrite arbitrary files via a symlink a

ppc64-diag 2.6.1 allows local users to overwrite arbitrary files via a symlink attack related to (1) rtas_errd/diag_support.c and /tmp/get_dt_files, (2) scripts/ppc64_diag_mkrsrc and /tmp/diagSEsnap/snapH.tar.gz, or (3) lpd/test/lpd_ela_test.sh and /var/tmp/ras.

Published 2014-06-17 15:55:06

Updated 2025-04-12 10:46:41

Source MITRE

View at NVD, CVE.org

Products affected by CVE-2014-4038

Redhat » Enterprise Linux Server » Version: 6.0
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Server » Version: 7.0
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
Matching versions
Suse » Linux Enterprise Server » Version: 11 Update SP3
cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:*:*:*
Matching versions
Ppc64-diag Project » Ppc64-diag » Version: 2.6.1
cpe:2.3:a:ppc64-diag_project:ppc64-diag:2.6.1:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2014-4038

EPSS FAQ

0.06%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 15 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2014-4038

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
4.4	MEDIUM	AV:L/AC:M/Au:N/C:P/I:P/A:P	3.4	6.4	NIST
Access Vector: Local Access Complexity: Medium Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial

CWE ids for CVE-2014-4038

CWE-59 Improper Link Resolution Before File Access ('Link Following')

The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2014-4038

https://bugzilla.novell.com/show_bug.cgi?id=882667

Bug 882667 – VUL-0: CVE-2014-4038: ppc64-diag: /tmp race in ppc64-diag
Issue Tracking
http://secunia.com/advisories/60616

Sign in

CVEs referencing this url
http://rhn.redhat.com/errata/RHSA-2015-0383.html

RHSA-2015:0383 - Security Advisory - Red Hat Customer Portal
Third Party Advisory

CVEs referencing this url
http://rhn.redhat.com/errata/RHSA-2015-1320.html

RHSA-2015:1320 - Security Advisory - Red Hat Customer Portal
Third Party Advisory

CVEs referencing this url
http://www.securityfocus.com/bid/68049

ppc64-diag CVE-2014-4038 Multiple Race Condition Vulnerabilities
https://bugzilla.redhat.com/show_bug.cgi?id=1109371

1109371 – (CVE-2014-4038, CVE-2014-4039) CVE-2014-4038 CVE-2014-4039 ppc64-diag: multiple temporary file races
Issue Tracking

CVEs referencing this url
http://openwall.com/lists/oss-security/2014/06/17/1

oss-security - Re: CVE request: multiple /tmp races in ppc64-diag
Mailing List;Third Party Advisory

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2014-07/msg00018.html

[security-announce] SUSE-SU-2014:0928-1: important: Security update for
Third Party Advisory

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2014-4038

Products affected by CVE-2014-4038

Exploit prediction scoring system (EPSS) score for CVE-2014-4038

CVSS scores for CVE-2014-4038

CWE ids for CVE-2014-4038

References for CVE-2014-4038