CVE-2024-45339
Published: 28 January 2025
Description
When logs are written to a widely-writable directory (the default), an unprivileged attacker may predict a privileged process's log file path and pre-create a symbolic link to a sensitive file in its place. When that privileged process runs, it will follow the planted symlink and overwrite that sensitive file. To fix that, glog now causes the program to exit (with status code 2) when it finds that the configured log file already exists.
Security Summary
CVE-2024-45339 is a vulnerability in glog, a logging library for Go programs originally developed by Google. In its default configuration, glog writes logs to a widely writable directory, enabling a symlink race condition. An attacker can predict the log file path used by a privileged process and pre-create a symbolic link pointing to a sensitive file. When the privileged process attempts to write logs, it follows the symlink and overwrites the target sensitive file.
The attack requires local access with low privileges (PR:L), low attack complexity (AC:L), and no user interaction (UI:N), as encoded in the CVSS v3.1 vector AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N (base score 7.1). An unprivileged local attacker can exploit this to achieve high confidentiality and integrity impacts by overwriting arbitrary sensitive files writable by the privileged process, potentially leading to data corruption or exposure.
The patch, detailed in glog pull request #74 (commit b8741656e406e66d6992bc2c9575e460ecaa0ec2), modifies glog to exit with status code 2 if the configured log file already exists, so a planted symlink is never followed. The fix is announced in the Go vulnerability database (GO-2025-3372) and the golang-announce group, with related guidance on insecure temporary file handling from OWASP.
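The following is an added example, not glog's own code nor the code from pull request #74. It contrasts the pre-fix pattern (open the log path with O_CREATE|O_TRUNC, which follows whatever already sits at that path) with a hardened open that refuses any pre-existing path atomically via O_EXCL, which is the same condition glog now treats as fatal (glog exits with status 2; the example returns an error instead so it can be tested). The function names, the 0o600 mode, and the "server.INFO" file name are assumptions made for the demonstration.

```go
package main

import (
	"errors"
	"fmt"
	"io/fs"
	"os"
	"path/filepath"
)

// openLogTruncating is the pre-fix pattern (hypothetical name): it creates the
// log if missing and truncates it if present. Because open(2) resolves symlinks,
// a symlink planted at path redirects the truncation to the link's target.
func openLogTruncating(path string) (*os.File, error) {
	return os.OpenFile(path, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0o600)
}

// openLogExclusive is the hardened form (hypothetical name). O_CREATE|O_EXCL
// makes the kernel refuse any existing path atomically, including a symlink
// (dangling or not), so there is no check-then-open window for an attacker.
func openLogExclusive(path string) (*os.File, error) {
	f, err := os.OpenFile(path, os.O_WRONLY|os.O_CREATE|os.O_EXCL, 0o600)
	if err != nil {
		if errors.Is(err, fs.ErrExist) {
			// glog's fix exits with status 2 here; we surface it as an error.
			return nil, fmt.Errorf("refusing to open log %q: path already exists (possible planted symlink)", path)
		}
		return nil, err
	}
	return f, nil
}

// logPathExists reports whether anything already occupies path. Lstat is used
// deliberately so a dangling symlink is reported as present rather than missing.
func logPathExists(path string) bool {
	_, err := os.Lstat(path)
	return err == nil
}

func main() {
	dir, err := os.MkdirTemp("", "glog-demo")
	if err != nil {
		panic(err)
	}
	defer os.RemoveAll(dir)

	logPath := filepath.Join(dir, "server.INFO")
	f, err := openLogExclusive(logPath)
	if err != nil {
		fmt.Println("unexpected:", err)
		return
	}
	f.Close()
	fmt.Println("created", logPath, "exists:", logPathExists(logPath))

	// A second exclusive open of the same path is refused, which is the
	// condition glog now treats as fatal.
	if _, err := openLogExclusive(logPath); err != nil {
		fmt.Println(err)
	}
}
```

The key property is atomicity: checking with Lstat and then opening leaves a race window, whereas O_EXCL lets the kernel make the existence decision and the open in one step. Refusing to start (as glog does) is the safe default when the log path is in a directory other users can write to; the stronger fix is to log to a directory that only the service account can write.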
Details
- CWE(s)