CVE-2018-19044 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2018-19044 Interim 1 43 2025-08-14T02:24:10Z current 2021-05-30T14:18:26Z 2025-08-14T02:24:10Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2018-19044 keepalived 2.0.8 didn't check for pathnames with symlinks when writing data to a temporary file upon a call to PrintData or PrintStats. This allowed local users to overwrite arbitrary files if fs.protected_symlinks is set to 0, as demonstrated by a symlink from /tmp/keepalived.data or /tmp/keepalived.stats to /etc/passwd. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.suse.com/pipermail/sle-security-updates/2020-March/006642.html E-Mail link for SUSE-SU-2020:0779-1 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/LPNDDXN6G3SVZDGT6Z4UW6FOCL26FNJG/#LPNDDXN6G3SVZDGT6Z4UW6FOCL26FNJG E-Mail link for openSUSE-SU-2018:4212-1 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/GR44ODUUJXCGBNRL6GBNQ65ENNLDYGJI/#GR44ODUUJXCGBNRL6GBNQ65ENNLDYGJI E-Mail link for openSUSE-SU-2018:4213-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings Container ses/7.1/ceph/keepalived:2.0.19.2.2.10 SUSE Liberty Linux 7 SUSE Linux Enterprise High Availability Extension 15 SP1 SUSE Linux Enterprise High Availability Extension 15 SP2 SUSE Linux Enterprise High Availability Extension 15 SP3 SUSE Linux Enterprise Micro 5.3 SUSE Linux Enterprise Micro 5.4 SUSE Linux Enterprise Micro 5.5 SUSE Linux Micro 6.0 SUSE Linux Micro 6.1 SUSE Package Hub 12 SUSE Package Hub 15 openSUSE Leap 15.0 openSUSE Tumbleweed keepalived keepalived-1.3.5-16.el7 keepalived-2.0.10-6.1 keepalived-2.0.10-bp150.3.4.1 keepalived-2.0.10-lp150.3.4.1 keepalived-2.0.19-3.3.1 keepalived-2.2.2-150400.3.5.1 keepalived-2.2.2-150400.3.7.2 keepalived-2.2.2-150500.6.2 keepalived-2.2.2-4.2 keepalived-2.2.8-1.11 keepalived-2.2.8-slfo.1.1_1.2 keepalived-2.0.19-3.3.1 as a component of Container ses/7.1/ceph/keepalived:2.0.19.2.2.10 keepalived-1.3.5-16.el7 as a component of SUSE Liberty Linux 7 keepalived-2.0.19-3.3.1 as a component of SUSE Linux Enterprise High Availability Extension 15 SP1 keepalived-2.0.19-3.3.1 as a component of SUSE Linux Enterprise High Availability Extension 15 SP2 keepalived-2.0.19-3.3.1 as a component of SUSE Linux Enterprise High Availability Extension 15 SP3 keepalived-2.2.2-150400.3.5.1 as a component of SUSE Linux Enterprise Micro 5.3 keepalived-2.2.2-150400.3.7.2 as a component of SUSE Linux Enterprise Micro 5.4 keepalived-2.2.2-150500.6.2 as a component of SUSE Linux Enterprise Micro 5.5 keepalived-2.2.8-1.11 as a component of SUSE Linux Micro 6.0 keepalived-2.2.8-slfo.1.1_1.2 as a component of SUSE Linux Micro 6.1 keepalived-2.0.10-6.1 as a component of SUSE Package Hub 12 keepalived-2.0.10-bp150.3.4.1 as a component of SUSE Package Hub 15 keepalived-2.0.10-lp150.3.4.1 as a component of openSUSE Leap 15.0 keepalived-2.2.2-4.2 as a component of openSUSE Tumbleweed keepalived as a component of SUSE Linux Enterprise High Availability Extension 15 SP1 keepalived as a component of SUSE Linux Enterprise High Availability Extension 15 SP2 keepalived 2.0.8 didn't check for pathnames with symlinks when writing data to a temporary file upon a call to PrintData or PrintStats. This allowed local users to overwrite arbitrary files if fs.protected_symlinks is set to 0, as demonstrated by a symlink from /tmp/keepalived.data or /tmp/keepalived.stats to /etc/passwd. CVE-2018-19044 Container ses/7.1/ceph/keepalived:2.0.19.2.2.10:keepalived-2.0.19-3.3.1 SUSE Liberty Linux 7:keepalived-1.3.5-16.el7 SUSE Linux Enterprise High Availability Extension 15 SP1:keepalived-2.0.19-3.3.1 SUSE Linux Enterprise High Availability Extension 15 SP2:keepalived-2.0.19-3.3.1 SUSE Linux Enterprise High Availability Extension 15 SP3:keepalived-2.0.19-3.3.1 SUSE Linux Enterprise Micro 5.3:keepalived-2.2.2-150400.3.5.1 SUSE Linux Enterprise Micro 5.4:keepalived-2.2.2-150400.3.7.2 SUSE Linux Enterprise Micro 5.5:keepalived-2.2.2-150500.6.2 SUSE Linux Micro 6.0:keepalived-2.2.8-1.11 SUSE Linux Micro 6.1:keepalived-2.2.8-slfo.1.1_1.2 SUSE Package Hub 12:keepalived-2.0.10-6.1 SUSE Package Hub 15:keepalived-2.0.10-bp150.3.4.1 openSUSE Leap 15.0:keepalived-2.0.10-lp150.3.4.1 openSUSE Tumbleweed:keepalived-2.2.2-4.2 important 3.3 AV:L/AC:M/Au:N/C:N/I:P/A:P 7.8 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H