Vulnerability Details : CVE-2017-9780
In Flatpak before 0.8.7, a third-party app repository could include malicious apps that contain files with inappropriate permissions, for example setuid or world-writable. The files are deployed with those permissions, which would let a local attacker run the setuid executable or write to the world-writable location. In the case of the "system helper" component, files deployed as part of the app are owned by root, so in the worst case they could be setuid root.
Products affected by CVE-2017-9780
- cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
- cpe:2.3:a:flatpak:flatpak:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2017-9780
- EPSS score: 0.04% (probability of exploitation activity in the next 30 days)
- EPSS percentile: ~6% (the proportion of vulnerabilities that are scored at or below this value)
CVSS scores for CVE-2017-9780
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen
---|---|---|---|---|---|---
7.2 | HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C | 3.9 | 10.0 | NIST |
7.8 | HIGH | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 | NIST |
CWE ids for CVE-2017-9780
- The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. (Assigned by: nvd@nist.gov, Primary)
References for CVE-2017-9780
- https://bugs.debian.org/865413 - "#865413 - flatpak: CVE-2017-9780: Flatpak security issue - Debian Bug report logs" (Issue Tracking; Patch; Third Party Advisory)
- http://www.securityfocus.com/bid/99346 - "Flatpak CVE-2017-9780 Local Privilege Escalation Vulnerability" (Third Party Advisory; VDB Entry)
- https://github.com/flatpak/flatpak/issues/845 - "handling suid/world-writable content · Issue #845 · flatpak/flatpak · GitHub" (Issue Tracking; Patch; Third Party Advisory)
- http://www.debian.org/security/2017/dsa-3895 - "Debian -- Security Information -- DSA-3895-1 flatpak" (Third Party Advisory)