CVE-2022-24986
Publication date 26 February 2022
Last updated 24 July 2024
Ubuntu priority
KDE KCron through 21.12.2 uses a temporary file in /tmp when saving, but reuses the filename during an editing session. Thus, someone watching it be created the first time could potentially intercept the file the following time, enabling that person to run unauthorized commands.
Status
| Package | Ubuntu Release | Status |
|---|---|---|
| kcron | 24.04 LTS noble |
Needs evaluation
|
| 22.04 LTS jammy |
Needs evaluation
|
|
| 20.04 LTS focal |
Needs evaluation
|
|
| 18.04 LTS bionic |
Needs evaluation
|
|
| 16.04 LTS xenial |
Needs evaluation
|
|
| 14.04 LTS trusty | Ignored |
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score |
7.8 · High
|
| Attack vector | Local |
| Attack complexity | Low |
| Privileges required | Low |
| User interaction | None |
| Scope | Unchanged |
| Confidentiality | High |
| Integrity impact | High |
| Availability impact | High |
| Vector | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
References
Other references
- https://www.openwall.com/lists/oss-security/2022/02/25/3
- https://invent.kde.org/system/kcron/-/commit/ef4266e3d5ea741c4d4f442a2cb12a317d7502a1
- https://invent.kde.org/system/kcron/-/merge_requests/14 (followup fix)
- https://kde.org/info/security/advisory-20220216-1.txt
- http://www.openwall.com/lists/oss-security/2022/02/25/3
- https://apps.kde.org/kcron/
- https://www.cve.org/CVERecord?id=CVE-2022-24986