Incorrect User Management Affecting github.com/ubuntu/authd/internal/users package, versions *
Threat Intelligence
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-GOLANG-GITHUBCOMUBUNTUAUTHDINTERNALUSERS-8185033
- published 14 Oct 2024
- disclosed 11 Oct 2024
- credit nbraud
Introduced: 11 Oct 2024
CVE-2024-9312 Open this link in a new tabHow to fix?
There is no fixed version for github.com/ubuntu/authd/internal/users
.
Overview
github.com/ubuntu/authd/internal/users is an authentication daemon for external Broker
Affected versions of this package are vulnerable to Incorrect User Management in users/manager.go
and nss.go
, which implement GenerateID()
for UIDs and GIDs. This function is prone to collisions and can be attacked by offline brute forcing of UIDs to impersonate a legitimate user and escalate privileges.
Note:
This vulnerability was mitigated in version 0.3.6 by making the UID/GID
ranges configurable, so administrators can make sure that the ranges don't overlap with the ranges used by other system components. Even if this responsibility was moved to administrators, the default range is still 1000000000-1999999999
and if it is not changed, a Generated UID can still be used by another user on the system.