CVE-2019-12450
📋 TL;DR
This vulnerability in GNOME GLib's file copy function allows attackers to create files with insecure default permissions (typically world-readable/writable) instead of preserving original permissions. This affects any application using GLib's file copy operations on Linux/Unix systems. The flaw enables privilege escalation and data exposure risks.
💻 Affected Systems
- GNOME GLib
- Applications using GLib file operations
📦 What is this software?
Fedora by Fedoraproject
Glib by Gnome
Leap by Opensuse
Ubuntu Linux by Canonical
Ubuntu Linux by Canonical
Ubuntu Linux by Canonical
Ubuntu Linux by Canonical
Ubuntu Linux by Canonical
Ubuntu Linux by Canonical
⚠️ Risk & Real-World Impact
Worst Case
Full system compromise via privilege escalation when combined with other vulnerabilities, allowing attackers to overwrite critical system files or create backdoors.
Likely Case
Unauthorized access to sensitive files, data leakage, or privilege escalation in multi-user environments where file permissions are security-critical.
If Mitigated
Limited impact if proper file system permissions, SELinux/apparmor, and least privilege principles are already enforced.
🎯 Exploit Status
Exploitation requires ability to trigger file copy operations. Public proof-of-concept demonstrates permission bypass. Often chained with other vulnerabilities.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: GLib 2.61.2 and later
Vendor Advisory: https://access.redhat.com/errata/RHSA-2019:3530
Restart Required: Yes
Instructions:
1. Update GLib package via system package manager. 2. For RedHat/CentOS: yum update glib2. 3. For Debian/Ubuntu: apt update && apt upgrade libglib2.0-0. 4. Restart affected services using GLib.
🔧 Temporary Workarounds
Avoid G_FILE_COPY_NOFOLLOW_SYMLINKS
linuxModify applications to avoid using the G_FILE_COPY_NOFOLLOW_SYMLINKS flag in g_file_copy() operations.
Strict file permission policies
linuxEnforce strict umask settings and file permission policies system-wide.
umask 077
chmod 700 /sensitive/directories
🧯 If You Can't Patch
- Implement mandatory access control (SELinux/apparmor) to restrict file operations
- Isolate applications using GLib in containers with restricted filesystem access
🔍 How to Verify
Check if Vulnerable:
Check GLib version: dpkg -l libglib2.0-0 | grep ^ii or rpm -q glib2. Version 2.15.0-2.61.1 is vulnerable.Check Version:
pkg-config --modversion glib-2.0Verify Fix Applied:
Confirm GLib version is 2.61.2 or higher. Test file copy operations preserve permissions correctly.📡 Detection & Monitoring
Log Indicators:
- Unexpected file creation with 666/777 permissions
- File permission changes during copy operations
SIEM Query:
File creation events where destination permissions differ significantly from source (e.g., source=600, destination=666)🔗 References
- http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00076.html
- https://access.redhat.com/errata/RHSA-2019:3530
- https://gitlab.gnome.org/GNOME/glib/commit/d8f8f4d637ce43f8699ba94c9b7648beda0ca174
- https://lists.debian.org/debian-lts-announce/2019/06/msg00013.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2W4WIOAGO3M743M5KZLVQZM3NGHQDYLI/
- https://security.netapp.com/advisory/ntap-20190606-0003/
- https://usn.ubuntu.com/4014-1/
- https://usn.ubuntu.com/4014-2/
- http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00076.html
- https://access.redhat.com/errata/RHSA-2019:3530
- https://gitlab.gnome.org/GNOME/glib/commit/d8f8f4d637ce43f8699ba94c9b7648beda0ca174
- https://lists.debian.org/debian-lts-announce/2019/06/msg00013.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2W4WIOAGO3M743M5KZLVQZM3NGHQDYLI/
- https://security.netapp.com/advisory/ntap-20190606-0003/
- https://usn.ubuntu.com/4014-1/
- https://usn.ubuntu.com/4014-2/
