GHSA-3pqh-p72c-fj85

Suggest an improvement
Source
https://github.com/advisories/GHSA-3pqh-p72c-fj85
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/11/GHSA-3pqh-p72c-fj85/GHSA-3pqh-p72c-fj85.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-3pqh-p72c-fj85
Aliases
  • CVE-2021-3978
Published
2021-11-19T19:34:26Z
Modified
2023-11-08T04:06:39.978858Z
Summary
Improper Preservation of Permissions in github.com/cloudflare/cfrpki/cmd/octorpki
Details

Impact

When copying files with rsync, octorpki uses the "-a" flag 0, which forces rsync to copy binaries with the suid bit set as root. Since the provided service definition defaults to root (https://github.com/cloudflare/cfrpki/blob/master/package/octorpki.service) this could allow for a vector, when combined with another vulnerability that causes octorpki to process a malicious TAL file, for a local privilege escalation.

For more information

If you have any questions or comments about this advisory email us at security@cloudflare.com

References

Affected packages

Go / github.com/cloudflare/cfrpki

Package

Name
github.com/cloudflare/cfrpki
View open source insights on deps.dev
Purl
pkg:golang/github.com/cloudflare/cfrpki

Affected ranges

Type
SEMVER
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.4.2