We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2024-52336

Tuned: `script_pre` and `script_post` options allow to pass arbitrary scripts executed by root



Description

A script injection vulnerability was identified in the Tuned package. The `instance_create()` D-Bus function can be called by locally logged-in users without authentication. This flaw allows a local non-privileged user to execute a D-Bus call with `script_pre` or `script_post` options that permit arbitrary scripts with their absolute paths to be passed. These user or attacker-controlled executable scripts or programs could then be executed by Tuned with root privileges that could allow attackers to local privilege escalation.

Reserved 2024-11-08 | Published 2024-11-26 | Updated 2024-12-05 | Assigner redhat


HIGH: 7.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Problem types

Improper Privilege Management

Product status

Default status
affected

0:2.24.0-2.el9_5 before *
unaffected

Default status
affected

0:2.24.0-2.el9_5 before *
unaffected

Default status
unaffected

Default status
affected

Default status
affected

Default status
unaffected

Default status
unaffected

Default status
unaffected

Timeline

2024-11-08:Reported to Red Hat.
2024-11-26:Made public.

Credits

Red Hat would like to thank Matthias Gerstner (SUSE Security Team) for reporting this issue.

References

access.redhat.com/errata/RHSA-2024:10384 (RHSA-2024:10384) vendor-advisory

access.redhat.com/security/cve/CVE-2024-52336 vdb-entry

bugzilla.redhat.com/show_bug.cgi?id=2324540 (RHBZ#2324540) issue-tracking

security.opensuse.org/2024/11/26/tuned-instance-create.html

www.openwall.com/lists/oss-security/2024/11/28/1

cve.org (CVE-2024-52336)

nvd.nist.gov (CVE-2024-52336)

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-52336

Support options

Helpdesk Chat, Email, Knowledgebase
Telegram Chat
Subscribe to our newsletter to learn more about our work.