CVE-2020-24331

An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges, the tss user still has read and write access to the /etc/tcsd.conf file (which contains various settings related to this daemon).
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 36%
Affected Products (NVD)
VendorProductVersion
trousers_projecttrousers
𝑥
≤ 0.3.14
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
trousers
bookworm
0.3.15-0.3
fixed
bullseye
unimportant
sid
0.3.15-0.4
fixed
trixie
0.3.15-0.4
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
trousers
bionic
needs-triage
focal
needs-triage
groovy
ignored
hirsute
ignored
impish
ignored
jammy
not-affected
kinetic
ignored
lunar
not-affected
mantic
not-affected
noble
not-affected
trusty
dne
xenial
needs-triage
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
libtspi1
suse enterprise desktop 15 SP4
0.3.15-150400.1.10
fixed
suse enterprise desktop 15 SP5
0.3.15-150400.1.10
fixed
suse enterprise desktop 15 SP6
0.3.15-150600.8.2
fixed
suse enterprise desktop 15 SP7
0.3.15-150600.10.3.1
fixed
suse enterprise sap 15 SP4
0.3.15-150400.1.10
fixed
suse enterprise sap 15 SP5
0.3.15-150400.1.10
fixed
suse enterprise sap 15 SP6
0.3.15-150600.8.2
fixed
suse enterprise sap 15 SP7
0.3.15-150600.10.3.1
fixed
suse enterprise server 15 SP4
0.3.15-150400.1.10
fixed
suse enterprise server 15 SP5
0.3.15-150400.1.10
fixed
suse enterprise server 15 SP6
0.3.15-150600.8.2
fixed
suse enterprise server 15 SP7
0.3.15-150600.10.3.1
fixed
trousers
suse enterprise desktop 15 SP4
0.3.15-150400.1.10
fixed
suse enterprise desktop 15 SP5
0.3.15-150400.1.10
fixed
suse enterprise desktop 15 SP6
0.3.15-150600.8.2
fixed
suse enterprise desktop 15 SP7
0.3.15-150600.10.3.1
fixed
suse enterprise sap 15 SP4
0.3.15-150400.1.10
fixed
suse enterprise sap 15 SP5
0.3.15-150400.1.10
fixed
suse enterprise sap 15 SP6
0.3.15-150600.8.2
fixed
suse enterprise sap 15 SP7
0.3.15-150600.10.3.1
fixed
suse enterprise server 15 SP4
0.3.15-150400.1.10
fixed
suse enterprise server 15 SP5
0.3.15-150400.1.10
fixed
suse enterprise server 15 SP6
0.3.15-150600.8.2
fixed
suse enterprise server 15 SP7
0.3.15-150600.10.3.1
fixed
trousers-devel
suse enterprise desktop 15 SP4
0.3.15-150400.1.10
fixed
suse enterprise desktop 15 SP5
0.3.15-150400.1.10
fixed
suse enterprise desktop 15 SP6
0.3.15-150600.8.2
fixed
suse enterprise desktop 15 SP7
0.3.15-150600.10.3.1
fixed
suse enterprise sap 15 SP4
0.3.15-150400.1.10
fixed
suse enterprise sap 15 SP5
0.3.15-150400.1.10
fixed
suse enterprise sap 15 SP6
0.3.15-150600.8.2
fixed
suse enterprise sap 15 SP7
0.3.15-150600.10.3.1
fixed
suse enterprise server 15 SP4
0.3.15-150400.1.10
fixed
suse enterprise server 15 SP5
0.3.15-150400.1.10
fixed
suse enterprise server 15 SP6
0.3.15-150600.8.2
fixed
suse enterprise server 15 SP7
0.3.15-150600.10.3.1
fixed
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
trousers
RHEL 8
0:0.3.15-1.el8
fixed
trousers-devel
RHEL 8
0:0.3.15-1.el8
fixed
trousers-lib
RHEL 8
0:0.3.15-1.el8
fixed
Common Weakness Enumeration
References
http://www.openwall.com/lists/oss-security/2020/08/14/1
https://bugzilla.suse.com/show_bug.cgi?id=1164472
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SSDL7COIFCZQMUBNAASNMKMX7W5JUHRD/
https://seclists.org/oss-sec/2020/q2/att-135/tcsd_fixes.patch
https://sourceforge.net/p/trousers/mailman/message/37015817/
http://www.openwall.com/lists/oss-security/2020/08/14/1
https://bugzilla.suse.com/show_bug.cgi?id=1164472
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SSDL7COIFCZQMUBNAASNMKMX7W5JUHRD/
https://seclists.org/oss-sec/2020/q2/att-135/tcsd_fixes.patch
https://sourceforge.net/p/trousers/mailman/message/37015817/