{
  "threat_severity" : "Important",
  "public_date" : "2018-01-11T00:00:00Z",
  "bugzilla" : {
    "description" : "glibc: realpath() buffer underflow when getcwd() returns relative path allows privilege escalation",
    "id" : "1533836",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1533836"
  },
  "cvss3" : {
    "cvss3_base_score" : "7.0",
    "cvss3_scoring_vector" : "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
    "status" : "verified"
  },
  "cwe" : "CWE-122",
  "details" : [ "In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a buffer underflow and potential code execution." ],
  "statement" : "This vulnerability affected the glibc package on Red Hat Enterprise Linux 7.4, however it can only be exploited when mount namespaces owned by user namespaces are enabled, which requires manually configuring a kernel parameter and sysctl that are not enabled by default. Please see the Bugzilla link for more details.\nThis vulnerability affects glibc on Red Hat Enterprise Linux 6. However the kernel included in Red Hat Enterprise Linux 6 does not violate glibc's assumption about the behaviour of getcwd(), so this vulnerability can not be exploited when running with the default kernel. Red Hat Enterprise Linux 6 containers may be vulnerable when running on a host with kernel 2.6.36 or greater.",
  "acknowledgement" : "Red Hat would like to thank halfdog for reporting this issue.",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2018-04-10T00:00:00Z",
    "advisory" : "RHSA-2018:0805",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7",
    "package" : "glibc-0:2.17-222.el7",
    "impact" : "moderate"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 5",
    "fix_state" : "Not affected",
    "package_name" : "compat-glibc",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5"
  }, {
    "product_name" : "Red Hat Enterprise Linux 5",
    "fix_state" : "Not affected",
    "package_name" : "glibc",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Not affected",
    "package_name" : "compat-glibc",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Will not fix",
    "package_name" : "glibc",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6",
    "impact" : "moderate"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Not affected",
    "package_name" : "compat-glibc",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Not affected",
    "package_name" : "glibc",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2018-1000001\nhttps://nvd.nist.gov/vuln/detail/CVE-2018-1000001" ],
  "name" : "CVE-2018-1000001",
  "csaw" : false
}