| id: GO-2020-0027 |
| modules: |
| - module: github.com/google/fscrypt |
| versions: |
| - fixed: 0.2.4 |
| vulnerable_at: 0.2.4-0.20180823175935-d4d88e16b54e |
| packages: |
| - package: github.com/google/fscrypt/pam |
| symbols: |
| - NewHandle |
| - Handle.StopAsPamUser |
| - Handle.StartAsPamUser |
| - package: github.com/google/fscrypt/security |
| symbols: |
| - SetProcessPrivileges |
| - setUids |
| - setGids |
| - setGroups |
| derived_symbols: |
| - FindKey |
| - InsertKey |
| - RemoveKey |
| - UserKeyringID |
| summary: Privilege escalation in github.com/google/fscrypt |
| description: |- |
| After dropping and then elevating process privileges euid, guid, and groups are |
| not properly restored to their original values, allowing an unprivileged user to |
| gain membership in the root group. |
| published: 2021-04-14T20:04:52Z |
| cves: |
| - CVE-2018-6558 |
| ghsas: |
| - GHSA-qj26-7grj-whg3 |
| references: |
| - fix: https://github.com/google/fscrypt/commit/3022c1603d968c22f147b4a2c49c4637dd1be91b |
| - web: https://github.com/google/fscrypt/issues/77 |
| review_status: REVIEWED |