CVE-2019-3827

An incorrect permission check in the admin backend in gvfs before version 1.39.4 was found that allows reading and modify arbitrary files by privileged users without asking for password when no authentication agent is running. This vulnerability can be exploited by malicious programs running under privileges of users belonging to the wheel group to further escalate its privileges by modifying system files without user's knowledge. Successful exploitation requires uncommon system configuration.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7 HIGH
LOCAL
HIGH
LOW
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
redhatCNA
7 HIGH
LOCAL
HIGH
NONE
CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 20%
VendorProductVersion
gnomegvfs
𝑥
< 1.39.4
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
gvfs
bullseye
1.46.2-1
fixed
stretch
no-dsa
jessie
not-affected
bookworm
1.50.3-1
fixed
sid
1.56.1-1
fixed
trixie
1.56.1-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
gvfs
cosmic
Fixed 1.38.1-0ubuntu1.2
released
bionic
Fixed 1.36.1-0ubuntu1.3
released
xenial
not-affected
trusty
dne
Common Weakness Enumeration
References
https://access.redhat.com/errata/RHSA-2019:1517
https://access.redhat.com/errata/RHSA-2019:2145
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3827
https://gitlab.gnome.org/GNOME/gvfs/merge_requests/31
https://access.redhat.com/errata/RHSA-2019:1517
https://access.redhat.com/errata/RHSA-2019:2145
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3827
https://gitlab.gnome.org/GNOME/gvfs/merge_requests/31