Wind River Support Network

HomeDefectsLIN5-18646
Fixed

LIN5-18646 : Security Advisory - pigz - CVE-2013-0296

Created: Apr 29, 2014    Updated: Dec 19, 2017
Resolved Date: May 5, 2014
Found In Version: 5.0.1.15
Fix Version: 5.0.1.15
Severity: Standard
Applicable for: Wind River Linux 5
Component/s: Userspace

Description

Race condition in pigz before 2.2.5 uses permissions derived from the umask when compressing a file before setting that file's permissions to match those of the original file, which might allow local users to bypass intended access permissions while compression is occurring.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0296

Other Downloads


Live chat
Online