CVE-2018-6557

The MOTD update script in the base-files package in Ubuntu 18.04 LTS before 10.1ubuntu2.2, and Ubuntu 18.10 before 10.1ubuntu6 incorrectly handled temporary files. A local attacker could use this issue to cause a denial of service, or possibly escalate privileges if kernel symlink restrictions were disabled.
Link Following
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7 HIGH
LOCAL
HIGH
LOW
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
canonicalCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 31%
VendorProductVersion
base-files_projectbase-files
10.1ubuntu2.2:ubuntu2.2
canonicalubuntu_linux
18.04
canonicalubuntu_linux
18.10
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
base-files
bullseye
11.1+deb11u11
fixed
bookworm
12.4+deb12u7
fixed
sid
13.5
fixed
trixie
13.5
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
base-files
bionic
Fixed 10.1ubuntu2.2
released
xenial
not-affected
trusty
not-affected
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/105148
http://www.securitytracker.com/id/1041530
https://usn.ubuntu.com/3748-1/
http://www.securityfocus.com/bid/105148
http://www.securitytracker.com/id/1041530
https://usn.ubuntu.com/3748-1/