CVE-2018-14348

Severity CVSS v4.0:
Pending analysis
Type:
CWE-200 Information Leak / Disclosure
Publication date:
14/08/2018
Last modified:
07/11/2023

Description

libcgroup up to and including 0.41 creates /var/log/cgred with mode 0666 regardless of the configured umask, leading to disclosure of information.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:libcgroup_project:libcgroup:*:*:*:*:*:*:*:* 0.41 (including)
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*