CVE-2018-0493

EUVD-2018-1316
remctld in remctl before 3.14, when an attacker is authorized to execute a command that uses the sudo option, has a use-after-free that leads to a daemon crash, memory corruption, or arbitrary command execution.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.2 HIGH
NETWORK
LOW
HIGH
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 76%
Affected Products (NVD)
VendorProductVersion
eyrieremctl
𝑥
< 3.14
debiandebian_linux
9.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
remctl
bookworm
3.18-1
fixed
bullseye
3.17-1
fixed
jessie
not-affected
sid
3.18-1.1
fixed
trixie
3.18-1.1
fixed
wheezy
not-affected
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
remctl
artful
Fixed 3.13-1+deb9u1~build0.17.10.1
released
bionic
Fixed 3.13-1+deb9u1
released
cosmic
Fixed 3.13-1+deb9u1
released
disco
Fixed 3.13-1+deb9u1
released
eoan
Fixed 3.13-1+deb9u1
released
focal
Fixed 3.13-1+deb9u1
released
groovy
Fixed 3.13-1+deb9u1
released
hirsute
Fixed 3.13-1+deb9u1
released
impish
Fixed 3.13-1+deb9u1
released
jammy
Fixed 3.13-1+deb9u1
released
kinetic
Fixed 3.13-1+deb9u1
released
lunar
Fixed 3.13-1+deb9u1
released
mantic
Fixed 3.13-1+deb9u1
released
noble
Fixed 3.13-1+deb9u1
released
trusty
dne
xenial
needed
Common Weakness Enumeration
References
https://git.eyrie.org/?p=kerberos/remctl.git%3Ba=commit%3Bh=86c7e44090c988112a37589d2c7a94029eb5e641
https://www.debian.org/security/2018/dsa-4159
https://www.eyrie.org/~eagle/software/remctl/security/2018-04-01.html
https://git.eyrie.org/?p=kerberos/remctl.git%3Ba=commit%3Bh=86c7e44090c988112a37589d2c7a94029eb5e641
https://www.debian.org/security/2018/dsa-4159
https://www.eyrie.org/~eagle/software/remctl/security/2018-04-01.html