UBUNTU-CVE-2019-12522

Source
https://ubuntu.com/security/CVE-2019-12522
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2019/UBUNTU-CVE-2019-12522.json
JSON Data
https://api.osv.dev/v1/vulns/UBUNTU-CVE-2019-12522
Upstream
Published
2020-04-15T19:15:00Z
Modified
2026-01-20T16:44:08.369593Z
Severity
  • 4.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
  • Ubuntu - low
Summary
[none]
Details

An issue was discovered in Squid through 4.7. When Squid is run as root, it spawns its child processes as a lesser user, by default the user nobody. This is done via the leave_suid call. leave_suid leaves the Saved UID as 0. This makes it trivial for an attacker who has compromised the child process to escalate their privileges back to root.

References

Affected packages

Ubuntu:22.04:LTS
squid

Package

Name
squid
Purl
pkg:deb/ubuntu/squid@5.9-0ubuntu0.22.04.4?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)

Affected versions

4.*
4.13-10ubuntu5
5.*
5.2-1ubuntu1
5.2-1ubuntu3
5.2-1ubuntu4
5.2-1ubuntu4.1
5.2-1ubuntu4.2
5.2-1ubuntu4.3
5.7-0ubuntu0.22.04.1
5.7-0ubuntu0.22.04.2
5.7-0ubuntu0.22.04.3
5.7-0ubuntu0.22.04.4
5.9-0ubuntu0.22.04.1
5.9-0ubuntu0.22.04.2
5.9-0ubuntu0.22.04.3
5.9-0ubuntu0.22.04.4

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "squid",
            "binary_version": "5.9-0ubuntu0.22.04.4"
        },
        {
            "binary_name": "squid-cgi",
            "binary_version": "5.9-0ubuntu0.22.04.4"
        },
        {
            "binary_name": "squid-common",
            "binary_version": "5.9-0ubuntu0.22.04.4"
        },
        {
            "binary_name": "squid-openssl",
            "binary_version": "5.9-0ubuntu0.22.04.4"
        },
        {
            "binary_name": "squid-purge",
            "binary_version": "5.9-0ubuntu0.22.04.4"
        },
        {
            "binary_name": "squidclient",
            "binary_version": "5.9-0ubuntu0.22.04.4"
        }
    ]
}

Database specific

source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2019/UBUNTU-CVE-2019-12522.json"

Ubuntu:24.04:LTS
squid

Package

Name
squid
Purl
pkg:deb/ubuntu/squid@6.13-0ubuntu0.24.04.3?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)

Affected versions

6.*
6.1-2ubuntu1
6.1-2ubuntu2
6.5-1ubuntu1
6.5-1ubuntu2
6.5-1ubuntu3
6.6-1ubuntu4
6.6-1ubuntu5
6.6-1ubuntu5.1
6.10-0ubuntu0.24.04.1
6.13-0ubuntu0.24.04.1
6.13-0ubuntu0.24.04.2
6.13-0ubuntu0.24.04.3

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "squid",
            "binary_version": "6.13-0ubuntu0.24.04.3"
        },
        {
            "binary_name": "squid-cgi",
            "binary_version": "6.13-0ubuntu0.24.04.3"
        },
        {
            "binary_name": "squid-common",
            "binary_version": "6.13-0ubuntu0.24.04.3"
        },
        {
            "binary_name": "squid-openssl",
            "binary_version": "6.13-0ubuntu0.24.04.3"
        },
        {
            "binary_name": "squid-purge",
            "binary_version": "6.13-0ubuntu0.24.04.3"
        },
        {
            "binary_name": "squidclient",
            "binary_version": "6.13-0ubuntu0.24.04.3"
        }
    ]
}

Database specific

source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2019/UBUNTU-CVE-2019-12522.json"

Ubuntu:25.10
squid

Package

Name
squid
Purl
pkg:deb/ubuntu/squid@6.13-1ubuntu4.1?arch=source&distro=questing

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)

Affected versions

6.*
6.13-1ubuntu1
6.13-1ubuntu2
6.13-1ubuntu3
6.13-1ubuntu4
6.13-1ubuntu4.1

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "squid",
            "binary_version": "6.13-1ubuntu4.1"
        },
        {
            "binary_name": "squid-cgi",
            "binary_version": "6.13-1ubuntu4.1"
        },
        {
            "binary_name": "squid-common",
            "binary_version": "6.13-1ubuntu4.1"
        },
        {
            "binary_name": "squid-openssl",
            "binary_version": "6.13-1ubuntu4.1"
        },
        {
            "binary_name": "squid-purge",
            "binary_version": "6.13-1ubuntu4.1"
        },
        {
            "binary_name": "squidclient",
            "binary_version": "6.13-1ubuntu4.1"
        }
    ]
}

Database specific

source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2019/UBUNTU-CVE-2019-12522.json"

Ubuntu:Pro:16.04:LTS
squid3

Package

Name
squid3
Purl
pkg:deb/ubuntu/squid3@3.5.12-1ubuntu7.16+esm6?arch=source&distro=esm-infra/xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)

Affected versions

3.*
3.3.8-1ubuntu16
3.3.8-1ubuntu17
3.5.12-1ubuntu6
3.5.12-1ubuntu7
3.5.12-1ubuntu7.1
3.5.12-1ubuntu7.2
3.5.12-1ubuntu7.3
3.5.12-1ubuntu7.4
3.5.12-1ubuntu7.5
3.5.12-1ubuntu7.6
3.5.12-1ubuntu7.7
3.5.12-1ubuntu7.8
3.5.12-1ubuntu7.9
3.5.12-1ubuntu7.10
3.5.12-1ubuntu7.11
3.5.12-1ubuntu7.12
3.5.12-1ubuntu7.13
3.5.12-1ubuntu7.14
3.5.12-1ubuntu7.15
3.5.12-1ubuntu7.16
3.5.12-1ubuntu7.16+esm1
3.5.12-1ubuntu7.16+esm2
3.5.12-1ubuntu7.16+esm3
3.5.12-1ubuntu7.16+esm4
3.5.12-1ubuntu7.16+esm5
3.5.12-1ubuntu7.16+esm6

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "squid",
            "binary_version": "3.5.12-1ubuntu7.16+esm6"
        },
        {
            "binary_name": "squid-cgi",
            "binary_version": "3.5.12-1ubuntu7.16+esm6"
        },
        {
            "binary_name": "squid-common",
            "binary_version": "3.5.12-1ubuntu7.16+esm6"
        },
        {
            "binary_name": "squid-purge",
            "binary_version": "3.5.12-1ubuntu7.16+esm6"
        },
        {
            "binary_name": "squid3",
            "binary_version": "3.5.12-1ubuntu7.16+esm6"
        },
        {
            "binary_name": "squidclient",
            "binary_version": "3.5.12-1ubuntu7.16+esm6"
        }
    ]
}

Database specific

source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2019/UBUNTU-CVE-2019-12522.json"

Ubuntu:Pro:18.04:LTS
squid3

Package

Name
squid3
Purl
pkg:deb/ubuntu/squid3@3.5.27-1ubuntu1.14+esm5?arch=source&distro=esm-infra/bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)

Affected versions

3.*
3.5.23-5ubuntu1
3.5.23-5ubuntu2
3.5.27-1ubuntu1
3.5.27-1ubuntu1.1
3.5.27-1ubuntu1.2
3.5.27-1ubuntu1.3
3.5.27-1ubuntu1.4
3.5.27-1ubuntu1.5
3.5.27-1ubuntu1.6
3.5.27-1ubuntu1.7
3.5.27-1ubuntu1.8
3.5.27-1ubuntu1.9
3.5.27-1ubuntu1.10
3.5.27-1ubuntu1.11
3.5.27-1ubuntu1.12
3.5.27-1ubuntu1.13
3.5.27-1ubuntu1.14
3.5.27-1ubuntu1.14+esm1
3.5.27-1ubuntu1.14+esm2
3.5.27-1ubuntu1.14+esm3
3.5.27-1ubuntu1.14+esm4
3.5.27-1ubuntu1.14+esm5

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "squid",
            "binary_version": "3.5.27-1ubuntu1.14+esm5"
        },
        {
            "binary_name": "squid-cgi",
            "binary_version": "3.5.27-1ubuntu1.14+esm5"
        },
        {
            "binary_name": "squid-common",
            "binary_version": "3.5.27-1ubuntu1.14+esm5"
        },
        {
            "binary_name": "squid-purge",
            "binary_version": "3.5.27-1ubuntu1.14+esm5"
        },
        {
            "binary_name": "squid3",
            "binary_version": "3.5.27-1ubuntu1.14+esm5"
        },
        {
            "binary_name": "squidclient",
            "binary_version": "3.5.27-1ubuntu1.14+esm5"
        }
    ]
}

Database specific

source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2019/UBUNTU-CVE-2019-12522.json"

Ubuntu:Pro:20.04:LTS
squid

Package

Name
squid
Purl
pkg:deb/ubuntu/squid@4.10-1ubuntu1.13+esm2?arch=source&distro=esm-infra/focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)

Affected versions

4.*
4.8-1ubuntu2
4.8-1ubuntu3
4.9-2ubuntu1
4.9-2ubuntu2
4.9-2ubuntu3
4.9-2ubuntu4
4.10-1ubuntu1
4.10-1ubuntu1.1
4.10-1ubuntu1.2
4.10-1ubuntu1.3
4.10-1ubuntu1.4
4.10-1ubuntu1.5
4.10-1ubuntu1.6
4.10-1ubuntu1.7
4.10-1ubuntu1.8
4.10-1ubuntu1.9
4.10-1ubuntu1.10
4.10-1ubuntu1.11
4.10-1ubuntu1.12
4.10-1ubuntu1.13
4.10-1ubuntu1.13+esm1
4.10-1ubuntu1.13+esm2

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "squid",
            "binary_version": "4.10-1ubuntu1.13+esm2"
        },
        {
            "binary_name": "squid-cgi",
            "binary_version": "4.10-1ubuntu1.13+esm2"
        },
        {
            "binary_name": "squid-common",
            "binary_version": "4.10-1ubuntu1.13+esm2"
        },
        {
            "binary_name": "squid-purge",
            "binary_version": "4.10-1ubuntu1.13+esm2"
        },
        {
            "binary_name": "squidclient",
            "binary_version": "4.10-1ubuntu1.13+esm2"
        }
    ]
}

Database specific

source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2019/UBUNTU-CVE-2019-12522.json"