CVE-2023-1521: Detailed Vulnerability Analysis and Overview

CVE-2023-1521 Vulnerability Summary

On Linux the sccache client can execute arbitrary code with the privileges of a local sccache server, by preloading the code in a shared library passed to LD_PRELOAD. If the server is run as root (which is the default when installing the snap package https://snapcraft.io/sccache ), this means a user running the sccache client can get root privileges.

Need help fixing CVEs? Check out our Step-by-Step Guide on How to Fix CVEs.

CVE-2023-1521: Detailed Information and External References

EPSS

0.00043

EPSS %

0.10929

References

0.00043

• https://github.com/advisories/GHSA-x7fr-pg8f-93f5
• https://securitylab.github.com/advisories/GHSL-2023-046_ScCache

CWE

CWE-426

CAPEC

0.00043

• Leveraging/Manipulating Configuration File Search Paths: This pattern of attack sees an adversary load a malicious resource into a program's standard path so that when a known command is executed then the system instead executes the malicious component. The adversary can either modify the search path a program uses, like a PATH variable or classpath, or they can manipulate resources on the path to point to their malicious components. J2EE applications and other component based applications that are built from multiple binaries can have very long list of dependencies to execute. If one of these libraries and/or references is controllable by the attacker then application controls can be circumvented by the attacker.

CVSS3 Source

134c704f-9b21-4f2e-91b3-4a467353bcc0

CVSS3 Type

Secondary

CVSS3 Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H