CVE-2018-16359

6.8MEDIUM

Key Information:

Vendor: Google
Status: Gvisor
Vendor: CVE Published:; 2 September 2018

Summary

Google gVisor before 2018-08-23, within the seccomp sandbox, permits access to the renameat system call, which allows attackers to rename files on the host OS.

References

https://bugs.chromium.org/p/project-zero/issues/detail?id...

x_refsource_MISC

https://github.com/google/gvisor/commit/001a4c2493b13a43d...

x_refsource_MISC

CVSS V3.1

Score:

6.8

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Sep 2, 2018
Vulnerability Reserved
Sep 2, 2018

Collectors

NVD DatabaseMitre Database