September, 9, 2022

 

Michael Orlitzky discovers another Critical Vulnerability, Publishes CVE-2022-40299

Product - Singular, Versions affected - 4.3.0 and earlier
Fixed in commits 72df188 and 5f28fbf0, version 4.3.1
Bug report https://github.com/Singular/Singular/issues/1137
MITRE - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40299

Summary

The Singular interface (as opposed to its library of Singular code) uses fixed paths under the world-writable /tmp for log files and as scratch space for the debugger. This can be exploited in well-known ways. In particular, an attacker can make Singular overwrite files belonging to the Singular user, or in rare cases, to execute code.

Both of these can be exploited in familiar ways to clobber files owned by the Singular user. The sdb vulnerability can also lead to code execution if the attacker is able to modify the code snippet as it is being loaded from the scratch file back into Singular.

Resolution

The logfile issue was resolved in commit 72df188 by making the --log flag take a mandatory parameter specifying the filename. Presumably the user will not specify a world-writable path. The sdb issue was resolved in commit 5f28fbf0 by using mkstemp() to create the scratch file.

Learn More

Complete details here: http://michael.orlitzky.com/cves/cve-2022-40299.xhtml


Under no circumstances should you send an email to ackbar@viabit.com .

For more information, call: 410-667-3600

What is CVE?

Common Vulnerabilities and Exposures (CVE®) is a list of common identifiers for publicly known cybersecurity vulnerabilities, and is the industry standard for vulnerability and exposure identifiers.

The process of creating a CVE Entry begins with the discovery of a potential security vulnerability.  The MITRE Corporation currently maintains CVE and this public website, oversees the CNAs and CVE Board, and provides impartial technical guidance throughout the process to ensure CVE serves the public interest.

About Metro Data, Inc.

Founded in 1994, Metro Data, Inc. is a leading information systems & services firm that works exclusively with business clients to develop and apply customized technology solutions that accomplish a client's strategic goals.

Businesses have chosen Metro Data, Inc. to help keep pace with the ever-changing technology landscape.  Metro Data, Inc.’s "end-to-end" experience helps their customers to secure their systems, reduce costs, and improve their business information systems performance.

About the CVE Author, Michael J. Orlitzky

Mike has been with Metro Data, Inc. for over 20 years.  He holds a PhD in Mathematics.  He has been globally recognized for his work in discovering (and fixing) vulnerabilities in operating systems and application software.  His research has been published in professional journals and he's been acknowledged by industry and academic peers for his work.

Managed I.T. Services

The difference with our "Metro Manage I.T." model is that we proactively monitor your systems and keep them up-to-date and healthy.  

Read More

Hardware Sales & Support

Whether you're in need of computer support, networking monitoring, hardware or software, Metro Data is the one-stop solution for all of your business and corporate technology needs.

Read More

Email Hosting and Filtering

We offer filtering services to stop the constant flow of junk mail before it ever makes it into your inbox. Let Metro Data be your one stop shop for all your I.T. needs!

Read More

Partnerships
Intel Gold Partner
Dell Technologies - Authorize Partner
Linux
Lenovo Business Partner
Microsoft Partner
Cisco Systems Partner