UBUNTU-CVE-2022-37703

In Amanda 3.5.1, an information leak vulnerability was found in the calcsize SUID binary. An attacker can abuse this vulnerability to know if a directory exists or not anywhere in the fs. The binary will use opendir() as root directly without checking the path, letting the attacker provide an arbitrary path.

References

Affected packages

Ubuntu:Pro:16.04:LTS / amanda

Package

Name: amanda
Purl: pkg:deb/ubuntu/amanda@1:3.3.6-4.1ubuntu0.1+esm2?arch=source&distro=esm-apps/xenial

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1:3.*

1:3.3.6-4

1:3.3.6-4.1

1:3.3.6-4.1ubuntu0.1

1:3.3.6-4.1ubuntu0.1+actuallyesm2

1:3.3.6-4.1ubuntu0.1+esm1

1:3.3.6-4.1ubuntu0.1+esm2

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "amanda-client",
            "binary_version": "1:3.3.6-4.1ubuntu0.1+esm2"
        },
        {
            "binary_name": "amanda-common",
            "binary_version": "1:3.3.6-4.1ubuntu0.1+esm2"
        },
        {
            "binary_name": "amanda-server",
            "binary_version": "1:3.3.6-4.1ubuntu0.1+esm2"
        }
    ]
}

Ubuntu:18.04:LTS / amanda

Package

Name: amanda
Purl: pkg:deb/ubuntu/amanda@1:3.5.1-1ubuntu0.3?arch=source&distro=bionic

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:3.5.1-1ubuntu0.3

Affected versions

1:3.*

1:3.3.9-5build1

1:3.5-2

1:3.5.1-1

1:3.5.1-1build1

1:3.5.1-1build2

1:3.5.1-1ubuntu0.1

1:3.5.1-1ubuntu0.2

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "amanda-client",
            "binary_version": "1:3.5.1-1ubuntu0.3"
        },
        {
            "binary_name": "amanda-common",
            "binary_version": "1:3.5.1-1ubuntu0.3"
        },
        {
            "binary_name": "amanda-server",
            "binary_version": "1:3.5.1-1ubuntu0.3"
        }
    ],
    "availability": "No subscription required"
}

Ubuntu:20.04:LTS / amanda

Package

Name: amanda
Purl: pkg:deb/ubuntu/amanda@1:3.5.1-2ubuntu0.3?arch=source&distro=focal

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:3.5.1-2ubuntu0.3

Affected versions

1:3.*

1:3.5.1-2build2

1:3.5.1-2build3

1:3.5.1-2ubuntu0.1

1:3.5.1-2ubuntu0.2

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "amanda-client",
            "binary_version": "1:3.5.1-2ubuntu0.3"
        },
        {
            "binary_name": "amanda-common",
            "binary_version": "1:3.5.1-2ubuntu0.3"
        },
        {
            "binary_name": "amanda-server",
            "binary_version": "1:3.5.1-2ubuntu0.3"
        }
    ],
    "availability": "No subscription required"
}

Ubuntu:22.04:LTS / amanda

Package

Name: amanda
Purl: pkg:deb/ubuntu/amanda@1:3.5.1-8ubuntu1.3?arch=source&distro=jammy

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:3.5.1-8ubuntu1.3

Affected versions

1:3.*

1:3.5.1-5ubuntu1

1:3.5.1-8

1:3.5.1-8ubuntu1

1:3.5.1-8ubuntu1.1

1:3.5.1-8ubuntu1.2

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "amanda-client",
            "binary_version": "1:3.5.1-8ubuntu1.3"
        },
        {
            "binary_name": "amanda-common",
            "binary_version": "1:3.5.1-8ubuntu1.3"
        },
        {
            "binary_name": "amanda-server",
            "binary_version": "1:3.5.1-8ubuntu1.3"
        }
    ],
    "availability": "No subscription required"
}