Description
It was discovered that sos-collector does not properly set the default permissions of newly created files, making all files created by the tool readable by any local user. A local attacker may use this flaw by waiting for a legit user to run sos-collector and steal the collected data in the /var/tmp directory.
References (3)
Core 3
Core References
Exploit, Third Party Advisory x_refsource_confirm
https://github.com/sosreport/sos-collector/commit/72058f9253e7ed8c7243e2ff76a16d97b03d65ed
Issue Tracking, Third Party Advisory x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14650
Third Party Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2018:3663
Scores
CVSS v3
5.9
EPSS
0.0004
EPSS Percentile
13.2%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N
Details
CWE
CWE-276
CWE-732
Status
published
Products (6)
redhat/enterprise_linux_desktop
7.0
redhat/enterprise_linux_server
7.0
redhat/enterprise_linux_server_aus
7.6
redhat/enterprise_linux_server_eus
7.6
redhat/enterprise_linux_workstation
7.0
sos-collector_project/sos-collector
1.4
Published
Sep 27, 2018
Tracked Since
Feb 18, 2026