Wind River Support Network

HomeDefectsLIN8-9672

Fixed

LIN8-9672 : Security Advisory - cups - CVE-2018-4183

Created: Aug 15, 2018 Updated: Jan 21, 2019

Resolved Date: Aug 20, 2018

Found In Version: 8.0.0.26

Fix Version: 8.0.0.27

Severity: Standard

Applicable for: Wind River Linux 8

Component/s: Userspace

Description

The sandbox profile dynamically generated by cupsdCreateProfile() unintentionally allows write access to /etc/cups.  This can be used by an attacker that has obtained sandboxed root access to alter /etc/cups/cups-files.conf, leading to unsandboxed root code execution.

https://nvd.nist.gov/vuln/detail/CVE-2018-4183

Other Downloads

Wind River Linux 8.0.0.27
Wind River Linux 8.0.0.28
Wind River Linux 8.0.0.29
Wind River Linux 8.0.0.30
Wind River Linux 8.0.0.31
Wind River Linux 8.0.0.32
Wind River Linux 8.0.0.33
Wind River Linux 8.0.0.34

CVEs

CVE-2018-4183