Security Advisories

FSC-2018-3: Local Non-Root User Can Rename System Files

Description

A local user can rename arbitrary files to *.virus.

Status: Resolved. Hotfix 7 has been released to fix this vulnerability: https://www.f-secure.com/en/web/business_global/downloads/linux-security

Affected Products

Risk Level (Low/Medium/High/Critical): Low

  • F-Secure Linux Security

Platforms

  • All supported platforms for the affected products

More Information

It is possible for a local non-root user to cause arbitrary system files to be renamed to *.virus, leading to permanent corruption (DoS) of the operating system. This vulnerability affects F-Secure Linux Security and requires that an attacker has already gained access to a non-privileged user account on the machine.

This issue and a Proof-of-Concept exploit were reported privately to F-Secure as part of our Vulnerability Reward Program. No known attacks have been reported or observed in the wild.
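
A triage check for the impact described above, as an added example that is not part of F-Secure's advisory or product: it walks the given directories and reports files carrying the .virus suffix, flagging those whose original name no longer exists. The function name, the report fields and the sample directory tree are assumptions made for illustration.

```python
import os
import tempfile

SUFFIX = ".virus"  # rename suffix named in the advisory


def find_renamed_files(roots, suffix=SUFFIX):
    """Return findings for files ending in `suffix`, sorted by path.

    Each finding records whether the original name is now missing (the case
    that breaks the system) and whether the file is root-owned or executable.
    """
    findings = []
    for root in roots:
        for dirpath, _dirs, files in os.walk(root, followlinks=False):
            for name in files:
                if not name.endswith(suffix) or name == suffix:
                    continue
                path = os.path.join(dirpath, name)
                original = path[: -len(suffix)]
                try:
                    st = os.lstat(path)
                except OSError:
                    continue  # vanished or unreadable while scanning
                findings.append({
                    "path": path,
                    "original": original,
                    "original_missing": not os.path.lexists(original),
                    "root_owned": st.st_uid == 0,
                    "executable": bool(st.st_mode & 0o111),
                })
    return sorted(findings, key=lambda f: f["path"])


def demo():
    """Build a constructed directory tree and scan it (sample data only)."""
    with tempfile.TemporaryDirectory() as tmp:
        etc = os.path.join(tmp, "etc")
        os.makedirs(etc)
        # Constructed case 1: file renamed, original name gone.
        open(os.path.join(etc, "passwd.virus"), "w").close()
        # Constructed case 2: .virus file sits beside an intact original.
        open(os.path.join(etc, "hosts"), "w").close()
        open(os.path.join(etc, "hosts.virus"), "w").close()
        # Constructed case 3: unrelated file, must not be reported.
        open(os.path.join(etc, "fstab"), "w").close()
        return [(os.path.relpath(f["path"], tmp), f["original_missing"])
                for f in find_renamed_files([tmp])]
```

On a real host, pass the system directories to inspect as roots; a finding with original_missing set is a candidate for restoring from the package or a backup.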

Mitigating Factors

A malicious user must have file creation and code execution rights on the machine prior to successful exploitation.

Fix Available

Corporate Products

Product: F-Secure Linux Security

Versions: 11.XX

Download: Hotfix 7 can be downloaded from: https://www.f-secure.com/en/web/business_global/downloads/linux-security

Note: This security hotfix is for Linux Security 11.XX versions. As per our Support Policy, users with older versions are advised to upgrade to a newer version with security hotfix support.

Credits

F-Secure Corporation would like to thank RACK911LABS.COM for bringing this issue to our attention.

Date Issued: 2018-10-16