High severity8.1NVD Advisory· Published Aug 14, 2018· Updated Jun 17, 2026
CVE-2018-14348
CVE-2018-14348
Description
libcgroup up to and including 0.41 creates /var/log/cgred with mode 0666 regardless of the configured umask, leading to disclosure of information.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
8- Range: <=0.41
- osv-coords7 versionspkg:rpm/suse/libcgroup1&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4pkg:rpm/suse/libcgroup1&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4pkg:rpm/suse/libcgroup1&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4pkg:rpm/suse/libcgroup&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3pkg:rpm/suse/libcgroup&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3pkg:rpm/suse/libcgroup&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/libcgroup&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3
< 0.41.rc1-7.1+ 6 more
- (no CPE)range: < 0.41.rc1-7.1
- (no CPE)range: < 0.41.rc1-7.1
- (no CPE)range: < 0.41.rc1-7.1
- (no CPE)range: < 0.41.rc1-10.3.1
- (no CPE)range: < 0.41.rc1-10.3.1
- (no CPE)range: < 0.41.rc1-10.3.1
- (no CPE)range: < 0.41.rc1-10.3.1
Patches
Vulnerability mechanics
References
6- sourceforge.net/p/libcg/libcg/ci/0d88b73d189ea3440ccaab00418d6469f76fa590/nvdPatchThird Party Advisory
- bugzilla.suse.com/show_bug.cginvdIssue TrackingThird Party Advisory
- lists.debian.org/debian-lts-announce/2018/08/msg00019.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2018-08/msg00023.htmlnvdBroken Link
- access.redhat.com/errata/RHSA-2019:2047nvd
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3VH333EONOEEGKOLHHFXCJYHCYMHJ4KK/nvd
News mentions
0No linked articles in our index yet.