[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CCE
view XML

CCE-92669-1

Platform: cpe:/o:ubuntu:ubuntu_linux:18.04Date: (C)2019-11-07   (M)2023-07-04



The prelinking feature changes binaries in an attempt to decrease their startup time. Rationale: The prelinking feature can interfere with the operation of AIDE, because it changes binaries. Prelinking can also increase the vulnerability of the system if a malicious user is able to compromise a common library such as libc.


Parameter:

[yes/no]


Technical Mechanism:

Run the command: # /usr/sbin/prelink -ua to restore binaries to a normal, non-prelinked state, then remove prelink: # apt-get purge prelink

CCSS Severity:CCSS Metrics:
CCSS Score : 6.2Attack Vector: LOCAL
Exploit Score: 2.5Attack Complexity: LOW
Impact Score: 3.6Privileges Required: NONE
Severity: MEDIUMUser Interaction: NONE
Vector: AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HScope: UNCHANGED
 Confidentiality: NONE
 Integrity: NONE
 Availability: HIGH
  

References:
Resource IdReference
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:51268


OVAL    1
oval:org.secpod.oval:def:51268
XCCDF    1
xccdf_org.secpod_benchmark_general_Ubuntu_18_04

© SecPod Technologies