Description
On Linux the sccache client can execute arbitrary code with the privileges of a local sccache server, by preloading the code in a shared library passed to LD_PRELOAD. If the server is run as root (which is the default when installing the snap package https://snapcraft.io/sccache ), this means a user running the sccache client can get root privileges.
CVSS breakdown
CVSS 3.1
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Affected products
- Mozilla / sccache0 – 0.4.0
References
- VENDOR_ADVISORYhttps://securitylab.github.com/advisories/GHSL-2023-046_ScCache
- VENDOR_ADVISORYhttps://github.com/advisories/GHSA-x7fr-pg8f-93f5