Products
wpa_supplicant
Source
security@ubuntu.com
Tags
CVE-2024-5290 details
Published : Aug. 7, 2024, 9:16 a.m.
Last Modified : Aug. 7, 2024, 3:17 p.m.
Last Modified : Aug. 7, 2024, 3:17 p.m.
Description
An issue was discovered in Ubuntu wpa_supplicant that resulted in loading of arbitrary shared objects, which allows a local unprivileged attacker to escalate privileges to the user that wpa_supplicant runs as (usually root). Membership in the netdev group or access to the dbus interface of wpa_supplicant allow an unprivileged user to specify an arbitrary path to a module to be loaded by the wpa_supplicant process; other escalation paths might exist.
CVSS Score
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8.8 | 9 | 10 |
---|
Weakness
Weakness | Name | Description |
---|---|---|
CWE-427 | Uncontrolled Search Path Element | The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors. |
CVSS Data
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
Base Score
8.8
Exploitability Score
2.0
Impact Score
6.0
Base Severity
HIGH
Vector String : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
References
URL | Source |
---|---|
https://bugs.launchpad.net/ubuntu/+source/wpa/+bug/2067613 | security@ubuntu.com |
https://ubuntu.com/security/notices/USN-6945-1 | security@ubuntu.com |
This website uses the NVD API, but is not approved or certified by it.