Published: 11 February 2019
An incorrect permission check in the admin backend in gvfs before version 1.39.4 was found that allows privileged users to read and modify arbitrary files without being asked for a password when no authentication agent is running. This vulnerability can be exploited by malicious programs running with the privileges of users belonging to the wheel group to further escalate their privileges by modifying system files without the user's knowledge. Successful exploitation requires an uncommon system configuration.
CVSS 3 base score: 7.0
Launchpad, Ubuntu, Debian
|Ubuntu 18.04 LTS (Bionic Beaver)||
|Ubuntu 16.04 ESM (Xenial Xerus)|(code not present)|
|Ubuntu 14.04 ESM (Trusty Tahr)|Does not exist (trusty was not-affected [code not present])|
Affecting gvfs since 1.29.4, where the admin backend was introduced.