Home CVE Database CVE-2018-4183

CVE-2018-4183

Description

The sandbox profile dynamically generated by cupsdCreateProfile() unintentionally allows write access to /etc/cups. This can be used by an attacker that has obtained sandboxed root access to alter /etc/cups/cups-files.conf, leading to unsandboxed root code execution.

Priority: HIGH
CVSS v3: 8.2
Publish Date: Aug 14, 2018
Related ID: --
CVSS v2: HIGH
Modified Date: Aug 14, 2018

Find out more about CVE-2018-4183 from the MITRE-CVE dictionary and NIST NVD


Products Affected

Login may be required to access defects or downloads.

Related Products

Product Name Status Defect Fixed Downloads
Linux 7 SCP Not Vulnerable -- -- --
Linux 7 CGP Not Vulnerable -- -- --

Comments

cups

Live chat
Online