CVE-2016-3096

Published: Jun 3, 2016Modified: May 6, 2026

7.8

Vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

The create_script function in the lxc_container module in Ansible before 1.9.6-1 and 2.x before 2.0.2.0 allows local users to write to arbitrary files or gain privileges via a symlink attack on (1) /opt/.lxc-attach-script, (2) the archived container in the archive_path directory, or the (3) lxc-attach-script.log or (4) lxc-attach-script.err files in the temporary directory.

Affected (6)

Products: Fedoraproject: Fedora · Redhat: Ansible

1 product

1 product

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Fedoraproject Fedora	Version 22
Fedoraproject Fedora	Version 23
Fedoraproject Fedora	Version 24

Configuration B

3 vulnerable

Vulnerable Software	Affected Versions
Redhat Ansible	Up to 1.9.6
Redhat Ansible	Version 2.0.1
Redhat Ansible	Version 2.0

Related CWEs

Improper Link Resolution Before File Access ('Link Following')

The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

References (26)

http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183103.html

Source: secalert@redhat.com

Third Party Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183132.html

Source: secalert@redhat.com

Vendor Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183252.html

Source: secalert@redhat.com

Vendor Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183274.html

Source: secalert@redhat.com

Vendor Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184175.html

Source: secalert@redhat.com

Vendor Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=1322925

Source: secalert@redhat.com

Issue Tracking

https://github.com/ansible/ansible-modules-extras/pull/1941

Source: secalert@redhat.com

Patch

https://github.com/ansible/ansible-modules-extras/pull/1941/commits/8c6fe646ee79f5e55361b885b7efed5bec72d4a4

Source: secalert@redhat.com

Patch

https://github.com/ansible/ansible/blob/v1.9.6-1/CHANGELOG.md#196-dancing-in-the-street---tbd

Source: secalert@redhat.com

Third Party Advisory

https://github.com/ansible/ansible/blob/v2.0.2.0-1/CHANGELOG.md#202-over-the-hills-and-far-away

Source: secalert@redhat.com

Patch

https://groups.google.com/forum/#%21topic/ansible-announce/E80HLZilTU0

Source: secalert@redhat.com

https://groups.google.com/forum/#%21topic/ansible-announce/tqiZbcWxYig

Source: secalert@redhat.com

https://security.gentoo.org/glsa/201607-14

Source: secalert@redhat.com

Third Party Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183103.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183132.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183252.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183274.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184175.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=1322925

Source: af854a3a-2127-422b-91ae-364da2661108

Issue Tracking

https://github.com/ansible/ansible-modules-extras/pull/1941

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://github.com/ansible/ansible-modules-extras/pull/1941/commits/8c6fe646ee79f5e55361b885b7efed5bec72d4a4

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://github.com/ansible/ansible/blob/v1.9.6-1/CHANGELOG.md#196-dancing-in-the-street---tbd

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://github.com/ansible/ansible/blob/v2.0.2.0-1/CHANGELOG.md#202-over-the-hills-and-far-away

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://groups.google.com/forum/#%21topic/ansible-announce/E80HLZilTU0

Source: af854a3a-2127-422b-91ae-364da2661108

https://groups.google.com/forum/#%21topic/ansible-announce/tqiZbcWxYig

Source: af854a3a-2127-422b-91ae-364da2661108

https://security.gentoo.org/glsa/201607-14

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.