CVE-2018-19045
Published: 8 November 2018
keepalived 2.0.8 used mode 0666 when creating new temporary files upon a call to PrintData or PrintStats, potentially leaking sensitive information.
Notes
| Author | Note |
|---|---|
| mdeslaur | xenial and earlier don't have dbus support |
Priority
CVSS 3 base score: 7.5
Status
| Package | Release | Status |
|---|---|---|
|
keepalived Launchpad, Ubuntu, Debian |
bionic |
Needed
|
| cosmic |
Ignored
(reached end-of-life)
|
|
| disco |
Not vulnerable
(1:2.0.10-1)
|
|
| eoan |
Not vulnerable
(1:2.0.10-1)
|
|
| focal |
Not vulnerable
(1:2.0.10-1)
|
|
| groovy |
Not vulnerable
(1:2.0.10-1)
|
|
| hirsute |
Not vulnerable
(1:2.0.10-1)
|
|
| impish |
Not vulnerable
(1:2.0.10-1)
|
|
| jammy |
Not vulnerable
(1:2.0.10-1)
|
|
| kinetic |
Not vulnerable
(1:2.0.10-1)
|
|
| precise |
Not vulnerable
(code not present)
|
|
| trusty |
Not vulnerable
(code not present)
|
|
| upstream |
Released
(2.0.9)
|
|
| xenial |
Not vulnerable
(code not present)
|
|
|
Patches: upstream: https://github.com/acassen/keepalived/commit/c6247a9ef2c7b33244ab1d3aa5d629ec49f0a067 upstream: https://github.com/acassen/keepalived/commit/5241e4d7b177d0b6f073cfc9ed5444bf51ec89d6 |
||