{ "CVE_data_meta" : { "ASSIGNER" : "security@ubuntu.com", "DATE_PUBLIC" : "2018-08-21T00:00:00.000Z", "ID" : "CVE-2018-6557", "STATE" : "PUBLIC", "TITLE" : "Insecure temporary file use in base-files" }, "affects" : { "vendor" : { "vendor_data" : [ { "product" : { "product_data" : [ { "product_name" : "base-files", "version" : { "version_data" : [ { "affected" : "<", "version_value" : "10.1ubuntu2.2" } ] } } ] }, "vendor_name" : "Ubuntu" } ] } }, "credit" : [ { "lang" : "eng", "value" : "Sander Bos" } ], "data_format" : "MITRE", "data_type" : "CVE", "data_version" : "4.0", "description" : { "description_data" : [ { "lang" : "eng", "value" : "The MOTD update script in the base-files package in Ubuntu 18.04 LTS before 10.1ubuntu2.2, and Ubuntu 18.10 before 10.1ubuntu6 incorrectly handled temporary files. A local attacker could use this issue to cause a denial of service, or possibly escalate privileges if kernel symlink restrictions were disabled." } ] }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "eng", "value" : "Insecure Temporary File" } ] } ] }, "references" : { "reference_data" : [ { "name" : "USN-3748-1", "refsource" : "UBUNTU", "url" : "https://usn.ubuntu.com/3748-1/" }, { "name" : "105148", "refsource" : "BID", "url" : "http://www.securityfocus.com/bid/105148" }, { "name" : "1041530", "refsource" : "SECTRACK", "url" : "http://www.securitytracker.com/id/1041530" } ] }, "source" : { "discovery" : "EXTERNAL" } }