Bug 1039138 - (CVE-2017-8933) VUL-0: CVE-2017-8933: menu-cache: predictable and public-writable socket placed in /tmp
Status: NEW
Classification: Novell Products
Product: SUSE Security Incidents
Component: Incidents
Hardware: Other
OS: openSUSE 42.2
Priority: P3 - Medium
Severity: Normal
: unspecified
Assigned To: andrea florio
QA Contact: Security Team bot
Depends on:
Reported: 2017-05-15 15:55 UTC by Mikhail Kasimov
Modified: 2017-05-19 09:46 UTC

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Description Mikhail Kasimov 2017-05-15 15:55:18 UTC
Ref: http://seclists.org/oss-sec/2017/q2/260
The socket placed in /tmp is predictable and public-writable. Therefore,
if one user places a symlink to another socket in place of the socket of
another user, then that other user will either be unable to get the menu,
or will receive the menu of some other user.

This bug has been assigned to CVE-2017-8933 [1].  A fix has been
committed to menu-cache's git repository [2].  LXDE developers are
working on a release which fixes the problem.

[1]: https://git.lxde.org/gitweb/?p=lxde/menu-cache.git;a=commitdiff;h=56f66684592abf257c4004e6e1fff041c64a12ce

(open-)SUSE: https://software.opensuse.org/package/libmenu-cache3

1.0.2 (TW, official)
1.0.0 (42.{1,2}, official)
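The defensive counterpart to the flaw described in the report, added here as an example (this is not menu-cache's code nor its actual fix): the AF_UNIX socket goes into a per-user directory that is verified with lstat() to be a real, user-owned, mode-0700 directory before bind(), rather than under a fixed, guessable name in /tmp. The APP name, the helper names and the fallback to mkdtemp() are assumptions made for the example.

```python
import os
import socket
import stat
import tempfile

APP = "menu-cache-example"  # hypothetical name, not menu-cache's real socket name
def check_private_dir(path):
    """True only if path is a real directory (not a symlink) owned by us and closed to others."""
    st = os.lstat(path)  # lstat: never follow a link planted by another user
    return (stat.S_ISDIR(st.st_mode) and st.st_uid == os.getuid()
            and stat.S_IMODE(st.st_mode) & 0o077 == 0)

def private_socket_dir():
    """$XDG_RUNTIME_DIR/APP if the runtime dir is ours and 0700, else a fresh
    mkdtemp() directory (unpredictable name, mode 0700); never a fixed /tmp name."""
    base = os.environ.get("XDG_RUNTIME_DIR")
    if base and os.path.lexists(base) and check_private_dir(base):
        path = os.path.join(base, APP)
        os.makedirs(path, mode=0o700, exist_ok=True)
        return path
    return tempfile.mkdtemp(prefix=APP + "-")

def socket_is_private(path):
    """True if path is our own 0600 socket inside a private directory."""
    st = os.lstat(path)
    return (stat.S_ISSOCK(st.st_mode) and st.st_uid == os.getuid()
            and stat.S_IMODE(st.st_mode) == 0o600
            and check_private_dir(os.path.dirname(path)))

def bind_private_socket(name="socket"):
    """Create an AF_UNIX socket in a per-user private directory; returns (sock, path)."""
    d = private_socket_dir()
    if not check_private_dir(d):
        raise RuntimeError("refusing to use a directory others can reach: " + d)
    path = os.path.join(d, name)
    if os.path.lexists(path):  # stale entry: remove only what is provably our socket
        st = os.lstat(path)
        if not stat.S_ISSOCK(st.st_mode) or st.st_uid != os.getuid():
            raise RuntimeError("unexpected file at socket path: " + path)
        os.unlink(path)
    sock = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    sock.bind(path)
    os.chmod(path, 0o600)  # the directory already excludes others; belt and braces
    return sock, path

def close_private_socket(sock, path):
    """Close the socket and remove its file; True when the path is gone."""
    sock.close()
    os.unlink(path)
    return not os.path.lexists(path)
```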
Comment 1 Andreas Stieger 2017-05-19 09:46:14 UTC
openSUSE only. Source package is menu-cache. Assign to maintainer.