{
  "threat_severity" : "Moderate",
  "public_date" : "2020-01-17T00:00:00Z",
  "bugzilla" : {
    "description" : "glibc: use-after-free in glob() function when expanding ~user",
    "id" : "1810718",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1810718"
  },
  "cvss3" : {
    "cvss3_base_score" : "7.0",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
    "status" : "verified"
  },
  "cwe" : "CWE-416",
  "details" : [ "A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution. This was fixed in version 2.32.", "A use-after-free vulnerability was found in glibc in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution." ],
  "statement" : "The Red Hat Product Security Team has rated this issue as having Moderate security impact. This flaw did not affect the versions of `glibc` as shipped with Red Hat Enterprise Linux 5 and 6, as the vulnerable code was introduced in a later version of the package. Red Hat Enterprise Linux 7 is approaching the End of Maintenance Support 1 Phase of the support and maintenance life cycle. The flaw is not currently planned to be addressed in future updates of Red Hat Enterprise Linux 7, hence marked as \"Will not fix\". For further information, please refer to the Red Hat Enterprise Linux Life Cycle and Issue Severity Classification:\n[1] https://access.redhat.com/support/policy/updates/errata\n[2] https://access.redhat.com/security/updates/classification",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2020-11-04T00:00:00Z",
    "advisory" : "RHSA-2020:4444",
    "cpe" : "cpe:/a:redhat:enterprise_linux:8",
    "package" : "glibc-0:2.28-127.el8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2020-11-04T00:00:00Z",
    "advisory" : "RHSA-2020:4444",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8",
    "package" : "glibc-0:2.28-127.el8"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 5",
    "fix_state" : "Not affected",
    "package_name" : "glibc",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Not affected",
    "package_name" : "glibc",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Will not fix",
    "package_name" : "glibc",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2020-1752\nhttps://nvd.nist.gov/vuln/detail/CVE-2020-1752" ],
  "name" : "CVE-2020-1752",
  "mitigation" : {
    "value" : "Avoid the expansion of overly long directory paths.",
    "lang" : "en:us"
  },
  "csaw" : false
}