userpref.c in libimobiledevice 1.1.4, when $HOME and $XDG_CONFIG_HOME are not set, allows local users to overwrite arbitrary files via a symlink attack on (1) HostCertificate.pem, (2) HostPrivateKey.pem, (3) libimobiledevicerc, (4) RootCertificate.pem, or (5) RootPrivateKey.pem in /tmp/root/.config/libimobiledevice/.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | libimobiledevice | < 1.1.5-0.1 | libimobiledevice_1.1.5-0.1_all.deb |
Debian | 11 | all | libimobiledevice | < 1.1.5-0.1 | libimobiledevice_1.1.5-0.1_all.deb |
Debian | 10 | all | libimobiledevice | < 1.1.5-0.1 | libimobiledevice_1.1.5-0.1_all.deb |
Debian | 999 | all | libimobiledevice | < 1.1.5-0.1 | libimobiledevice_1.1.5-0.1_all.deb |
Debian | 13 | all | libimobiledevice | < 1.1.5-0.1 | libimobiledevice_1.1.5-0.1_all.deb |