CVE-2017-15288
The MITRE CVE dictionary describes this issue as:
The compilation daemon in Scala before 2.10.7, 2.11.x before 2.11.12, and 2.12.x before 2.12.4 uses weak permissions for private files in /tmp/scala-devel/${USER:shared}/scalac-compile-server-port, which allows local users to write to arbitrary class files and consequently gain privileges.
Find out more about CVE-2017-15288 from the MITRE CVE dictionary dictionary and NIST NVD.
CVSS v3 metrics
NOTE: The following CVSS v3 metrics and score provided are preliminary and subject to review.
| CVSS3 Base Score | 6.7 |
|---|---|
| CVSS3 Base Metrics | CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H |
| Attack Vector | Local |
| Attack Complexity | High |
| Privileges Required | Low |
| User Interaction | Required |
| Scope | Unchanged |
| Confidentiality | High |
| Integrity Impact | High |
| Availability Impact | High |
Affected Packages State
| Platform | Package | State |
|---|---|---|
| Red Hat Software Collections for Red Hat Enterprise Linux | rh-scala210-scala | Will not fix |
| Red Hat JBoss Fuse Service Works 6 | scala-compiler | Will not fix |
| Red Hat JBoss Fuse Service Works 6 | scala-library | Will not fix |
| Red Hat JBoss Fuse Service Works 6 | camel-scala | Will not fix |
| Red Hat JBoss Fuse 6 | Camel | Not affected |
| Red Hat JBoss Data Virtualization 6 | scala-library | Not affected |
| Red Hat JBoss Data Grid 7 | scala-library | Not affected |
| Red Hat JBoss Data Grid 6 | scala-library | Will not fix |
| Red Hat JBoss A-MQ 6 | scala-library | Not affected |
Mitigation
1. Use "scala -nocompdaemon MyScript.scala" rather than "scala MyScript.scala" to disable the implicit startup and use of the daemon.
2. Avoid explicitly starting fsc.
This text is borrowed from the upstream security advisory.
CVE description copyright © 2017, The MITRE Corporation