{"id":"CVE-2018-19044","details":"keepalived 2.0.8 didn't check for pathnames with symlinks when writing data to a temporary file upon a call to PrintData or PrintStats. This allowed local users to overwrite arbitrary files if fs.protected_symlinks is set to 0, as demonstrated by a symlink from /tmp/keepalived.data or /tmp/keepalived.stats to /etc/passwd.","modified":"2026-03-15T22:19:58.263799Z","published":"2018-11-08T20:29:00.323Z","related":["MGASA-2018-0494","SUSE-SU-2020:0779-1","openSUSE-SU-2024:10893-1"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:2285"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/201903-01"},{"type":"REPORT","url":"https://bugzilla.suse.com/show_bug.cgi?id=1015141"},{"type":"FIX","url":"https://github.com/acassen/keepalived/commit/04f2d32871bb3b11d7dc024039952f2fe2750306"},{"type":"FIX","url":"https://github.com/acassen/keepalived/issues/1048"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/acassen/keepalived","events":[{"introduced":"0"},{"last_affected":"dc3ed1e1e19f02f91edebe4dd1a5f6ec9daf0545"},{"fixed":"04f2d32871bb3b11d7dc024039952f2fe2750306"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"2.0.8"}]}}],"versions":["1.3.1","v0.2.1","v0.2.3","v0.2.6","v0.2.7","v0.3.5","v0.3.6","v0.3.7","v0.3.8","v0.4.0","v0.4.1","v0.4.8","v0.4.9","v0.4.9a","v0.5.3","v0.5.5","v0.5.6","v0.5.7","v0.5.8","v0.5.9","v0.6.1","v0.6.10","v0.6.2","v0.6.3","v0.6.4","v0.6.6","v0.6.8","v0.6.9","v0.7.1","v0.7.6","v1.0.0","v1.0.1","v1.0.2","v1.0.3","v1.1.0","v1.1.1","v1.1.10","v1.1.11","v1.1.12","v1.1.13","v1.1.14","v1.1.15","v1.1.16","v1.1.17","v1.1.18","v1.1.19","v1.1.2","v1.1.3","v1.1.4","v1.1.5","v1.1.6","v1.1.7","v1.1.8","v1.1.9","v1.2.1","v1.2.10","v1.2.11","v1.2.12","v1.2.13","v1.2.14","v1.2.15","v1.2.16","v1.2.17","v1.2.18","v1.2.19","v1.2.2","v1.2.20","v1.2.21","v1.2.22","v1.2.23","v1.2.24","v1.2.3","v1.2.4","v1.2.5","v1.2.6","v1.2.7","v1.2.8","v1.2.9","v1.3.0","v1.3.2","v1.3.3","v1.3.4","v1.3.5","v1.3.6","v1.3.7","v1.3.8","v1.3.9","v1.4.0","v1.4.1","v1.4.2","v1.4.3","v1.4.4","v1.4.5","v2.0.0","v2.0.1","v2.0.2","v2.0.3","v2.0.4","v2.0.5","v2.0.6","v2.0.7","v2.0.8"],"database_specific":{"vanir_signatures":[{"target":{"function":"pidfile_write","file":"keepalived/core/pidfile.c"},"source":"https://github.com/acassen/keepalived/commit/04f2d32871bb3b11d7dc024039952f2fe2750306","signature_version":"v1","digest":{"function_hash":"53899474236994756973217349540510615717","length":368},"id":"CVE-2018-19044-0d1e618a","deprecated":false,"signature_type":"Function"},{"target":{"file":"keepalived/core/pidfile.c"},"source":"https://github.com/acassen/keepalived/commit/04f2d32871bb3b11d7dc024039952f2fe2750306","signature_version":"v1","digest":{"line_hashes":["334645728804560381488736575851512295361","155834348502596080912720125612688189016","217609131223401482800806060589945389143","55401893117276980381725718270709472900"],"threshold":0.9},"id":"CVE-2018-19044-31b02b5a","deprecated":false,"signature_type":"Line"},{"target":{"file":"lib/notify.c"},"source":"https://github.com/acassen/keepalived/commit/04f2d32871bb3b11d7dc024039952f2fe2750306","signature_version":"v1","digest":{"line_hashes":["41012986670656114728171684129697322017","41988754381989485178450942294256688043","192094101597536864110882089364668045957","24354058670257551977047087527674696662"],"threshold":0.9},"id":"CVE-2018-19044-34278d22","deprecated":false,"signature_type":"Line"},{"target":{"file":"lib/utils.c"},"source":"https://github.com/acassen/keepalived/commit/04f2d32871bb3b11d7dc024039952f2fe2750306","signature_version":"v1","digest":{"line_hashes":["307607089884079097180015391608362080917","306380522871392978479867096194081032845","327443730068525913926126568726956082844","278540084552168018888973381074511001466","213552336815193129709689562338040213745","149630105604599152699067646766467360988","260224017732413231046552979663831915528"],"threshold":0.9},"id":"CVE-2018-19044-4486036c","deprecated":false,"signature_type":"Line"},{"target":{"function":"write_stacktrace","file":"lib/utils.c"},"source":"https://github.com/acassen/keepalived/commit/04f2d32871bb3b11d7dc024039952f2fe2750306","signature_version":"v1","digest":{"function_hash":"61226365923536297404499987539676153806","length":684},"id":"CVE-2018-19044-473c851f","deprecated":false,"signature_type":"Function"},{"target":{"file":"keepalived/vrrp/vrrp_print.c"},"source":"https://github.com/acassen/keepalived/commit/04f2d32871bb3b11d7dc024039952f2fe2750306","signature_version":"v1","digest":{"line_hashes":["16377126309419317853880471875991210980","275236865962901892915229509974074727438","232233307519450832252386097003646384542","52727245077052172383742672816570925015","86847528246625730862908215375641970912","253555249983100382147796136547851477278","310260654816849889187738919899738192303","178090816541559605974715095701750757801","36579507478663020070009362964174682527","62502985881263464978857944373045176896","145454053121401827596936394144554430256","337369801990142541909639996290325074010","112938258130102860047927490800089600798","184470350823463965535434774992042898315","101290728411112667767799906328700790116","53853177333860085342517272293930112445","254183882935022923672437198337039859379","216696485852223946059904508371611584775","84850672984964258685829342500752111970","340197988091852604315211319944446637500","308381102563479028360105139092471791165","65296247007616354244637836263938719506","157483265606702507545701047973543180420","175034585798659418212285958650122039417","219181004163406644379034989725037040124","136402829678978307272370116853978438375","43357856672416797495571678411737153535","258298062202644811702169017957361419408"],"threshold":0.9},"id":"CVE-2018-19044-4df2f55e","deprecated":false,"signature_type":"Line"},{"target":{"function":"read_file","file":"keepalived/vrrp/vrrp_dbus.c"},"source":"https://github.com/acassen/keepalived/commit/04f2d32871bb3b11d7dc024039952f2fe2750306","signature_version":"v1","digest":{"function_hash":"312104818161498579000917185126092240789","length":520},"id":"CVE-2018-19044-5118e29e","deprecated":false,"signature_type":"Function"},{"target":{"function":"parse_cmdline","file":"keepalived/core/main.c"},"source":"https://github.com/acassen/keepalived/commit/04f2d32871bb3b11d7dc024039952f2fe2750306","signature_version":"v1","digest":{"function_hash":"307929435059431583004385421558412320410","length":8316},"id":"CVE-2018-19044-616672e6","deprecated":false,"signature_type":"Function"},{"target":{"file":"lib/logger.c"},"source":"https://github.com/acassen/keepalived/commit/04f2d32871bb3b11d7dc024039952f2fe2750306","signature_version":"v1","digest":{"line_hashes":["211527548848775662874358521668666583234","329961655487678868804411102315185331312","291429148577745412297123463541507985989","85800099285564993096056496082462614504"],"threshold":0.9},"id":"CVE-2018-19044-67799cb3","deprecated":false,"signature_type":"Line"},{"target":{"function":"fifo_open","file":"lib/notify.c"},"source":"https://github.com/acassen/keepalived/commit/04f2d32871bb3b11d7dc024039952f2fe2750306","signature_version":"v1","digest":{"function_hash":"240078465030113599269916263936576783681","length":892},"id":"CVE-2018-19044-6b0e7e56","deprecated":false,"signature_type":"Function"},{"target":{"function":"vrrp_print_stats","file":"keepalived/vrrp/vrrp_print.c"},"source":"https://github.com/acassen/keepalived/commit/04f2d32871bb3b11d7dc024039952f2fe2750306","signature_version":"v1","digest":{"function_hash":"245497936741895737373033256669848263894","length":1770},"id":"CVE-2018-19044-8b801726","deprecated":false,"signature_type":"Function"},{"target":{"file":"lib/utils.h"},"source":"https://github.com/acassen/keepalived/commit/04f2d32871bb3b11d7dc024039952f2fe2750306","signature_version":"v1","digest":{"line_hashes":["201812908003792088486825132304798190347","86838297397502962146060376204294221751","224784551423478646477032206559244031004","181217633701310802390921595523558431735"],"threshold":0.9},"id":"CVE-2018-19044-8f49197a","deprecated":false,"signature_type":"Line"},{"target":{"file":"keepalived/core/smtp.c"},"source":"https://github.com/acassen/keepalived/commit/04f2d32871bb3b11d7dc024039952f2fe2750306","signature_version":"v1","digest":{"line_hashes":["99692437116179863047028927472409667280","16688724331006239161883682020773043740","1599891099163453216664959930068884890","179484187510807056705217082011534758930"],"threshold":0.9},"id":"CVE-2018-19044-9402b105","deprecated":false,"signature_type":"Line"},{"target":{"file":"keepalived/vrrp/vrrp_scheduler.c"},"source":"https://github.com/acassen/keepalived/commit/04f2d32871bb3b11d7dc024039952f2fe2750306","signature_version":"v1","digest":{"line_hashes":["6876233962187794622625777477340133735","243203327669583195656422830984838113857","199313808574580036304197785660997893331","131486135652363061893112458738456036935"],"threshold":0.9},"id":"CVE-2018-19044-9e0bc619","deprecated":false,"signature_type":"Line"},{"target":{"function":"dump_keywords","file":"lib/parser.c"},"source":"https://github.com/acassen/keepalived/commit/04f2d32871bb3b11d7dc024039952f2fe2750306","signature_version":"v1","digest":{"function_hash":"260950446776279844279426530607967716791","length":585},"id":"CVE-2018-19044-af291e5a","deprecated":false,"signature_type":"Function"},{"target":{"file":"keepalived/core/main.c"},"source":"https://github.com/acassen/keepalived/commit/04f2d32871bb3b11d7dc024039952f2fe2750306","signature_version":"v1","digest":{"line_hashes":["36755135642874839413262545608064516669","67650175418023282930822986484564378177","227238315273255184529971084583284757879","39399678325621189194292816944172507332"],"threshold":0.9},"id":"CVE-2018-19044-ce9b1d85","deprecated":false,"signature_type":"Line"},{"target":{"file":"lib/parser.c"},"source":"https://github.com/acassen/keepalived/commit/04f2d32871bb3b11d7dc024039952f2fe2750306","signature_version":"v1","digest":{"line_hashes":["33442536701202745181767748950594460367","261462552666363518434865947643994689267","194099637431128201036586938626766205904","101189705825354616540099591761324346128","293933817832267820913994295574738204649","291122121220479914200127611025996086738","31145300009378804265688881036561260237"],"threshold":0.9},"id":"CVE-2018-19044-cebf0b73","deprecated":false,"signature_type":"Line"},{"target":{"file":"keepalived/vrrp/vrrp_parser.c"},"source":"https://github.com/acassen/keepalived/commit/04f2d32871bb3b11d7dc024039952f2fe2750306","signature_version":"v1","digest":{"line_hashes":["303236488600911607640018269184199844054","26640159115373591593509504003557855123","97331669071644295932240784645566163577","314052878134623452885764165630378575967"],"threshold":0.9},"id":"CVE-2018-19044-d7901636","deprecated":false,"signature_type":"Line"},{"target":{"file":"lib/memory.c"},"source":"https://github.com/acassen/keepalived/commit/04f2d32871bb3b11d7dc024039952f2fe2750306","signature_version":"v1","digest":{"line_hashes":["80173015699756498963844534512859644062","261645279581467205339971610913412377341","243179315985615971695795318250056417153","332220554120552197424508653663652529170"],"threshold":0.9},"id":"CVE-2018-19044-dbf776a8","deprecated":false,"signature_type":"Line"},{"target":{"file":"keepalived/vrrp/vrrp_dbus.c"},"source":"https://github.com/acassen/keepalived/commit/04f2d32871bb3b11d7dc024039952f2fe2750306","signature_version":"v1","digest":{"line_hashes":["15579777557017360591305962568563126032","133320875031371366701336430393236928153","118458146685870999353406766784310710452","245217339076960719784334187815887880674"],"threshold":0.9},"id":"CVE-2018-19044-df927070","deprecated":false,"signature_type":"Line"},{"target":{"file":"keepalived/vrrp/vrrp_json.c"},"source":"https://github.com/acassen/keepalived/commit/04f2d32871bb3b11d7dc024039952f2fe2750306","signature_version":"v1","digest":{"line_hashes":["186062570991145584816236489875603431090","173138665662233539974177799223571928599","29607318043463384981393534719518345292","315942448142085893493596703631299827179","308826075883826694068130762517978634022","66558442712457438190280036936926252538","182919644295508318075868506264119209606","128869879647435459532299970552478556960"],"threshold":0.9},"id":"CVE-2018-19044-f87a33f8","deprecated":false,"signature_type":"Line"}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-19044.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N"}]}