CVE-2017-9780
CVE-2017-9780 is a vulnerability of currently unknown severity. In Flatpak before 0.8.7, a third-party app repository could include malicious apps that contain files with inappropriate permissions, for example setuid or world-writable. The files are deployed with those permissions, which would let a local attacker run the setuid executable or write to the world-writable location. EPSS estimates a 0.36% chance of exploitation in the next 30 days.
Description
In Flatpak before 0.8.7, a third-party app repository could include malicious apps that contain files with inappropriate permissions, for example setuid or world-writable. The files are deployed with those permissions, which would let a local attacker run the setuid executable or write to the world-writable location. In the case of the "system helper" component, files deployed as part of the app are owned by root, so in the worst case they could be setuid root.
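A check a defender can run over an existing installation tree (an added example, not Flatpak's own code): it walks the deployed files and reports any entry carrying the setuid bit or world-writable permissions, which is what a vulnerable version would have left behind after installing such an app. The default system install root under /var/lib/flatpak and the sample tree it builds are assumptions made for the demonstration.

```python
import os
import stat
import sys
import tempfile
from pathlib import Path

def mode_problems(mode: int) -> list:
    """Name the permission bits that should never appear on a deployed app entry."""
    problems = []
    if not stat.S_ISDIR(mode) and mode & stat.S_ISUID:
        problems.append("setuid")
    if mode & stat.S_IWOTH:  # world-writable file or directory: any local user can write there
        problems.append("world-writable")
    return problems

def find_inappropriate_permissions(root: str) -> list:
    """Walk a deployment tree; return sorted (path, octal mode, problems) for offending entries."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)  # lstat: never follow a symlink out of the tree
            except OSError:
                continue
            if stat.S_ISLNK(st.st_mode):
                continue  # a link's own mode bits are meaningless; its target is checked in place
            problems = mode_problems(st.st_mode)
            if problems:
                findings.append((path, oct(stat.S_IMODE(st.st_mode)), problems))
    return sorted(findings)

def build_constructed_sample() -> str:
    """Constructed demo tree (not a real Flatpak app): setuid binary, world-writable dir and file, clean file."""
    root = tempfile.mkdtemp(prefix="flatpak-perm-demo-")
    files = Path(root, "files")
    (files / "bin").mkdir(parents=True)
    (files / "share").mkdir()
    for rel, mode, text in (("bin/helper", 0o4755, "#!/bin/sh\n"),
                            ("share/cache.db", 0o666, ""), ("readme.txt", 0o644, "ok\n")):
        (files / rel).write_text(text)
        os.chmod(files / rel, mode)
    os.chmod(files / "share", 0o777)
    return root

if __name__ == "__main__":
    # Assumed default system install root; user installs live under ~/.local/share/flatpak instead.
    target = sys.argv[1] if len(sys.argv) > 1 else build_constructed_sample()
    for path, mode, problems in find_inappropriate_permissions(target):
        print(f"{mode} {path}: {', '.join(problems)}")
```

Run it as `python3 check.py /var/lib/flatpak/app` to inspect a real system install; with no argument it scans the constructed sample tree.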
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Flatpak | Flatpak | <= 0.8.6 |
| Debian | Debian Linux | 9.0 |
References
- http://www.debian.org/security/2017/dsa-3895 (Third Party Advisory)
- http://www.securityfocus.com/bid/99346 (Third Party Advisory, VDB Entry)
- https://bugs.debian.org/865413 (Issue Tracking, Patch, Third Party Advisory)
- https://github.com/flatpak/flatpak/issues/845 (Issue Tracking, Patch, Third Party Advisory)
Source: NVD / NIST
