Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2020-28407HistoryNov 03, 2023 - 4:15 a.m.
CVE-2020-28407
2023-11-0304:15:00
Debian Security Bug Tracker
security-tracker.debian.org
13
vulnerability
swtpm
local attacker
file overwrite
symlink attack
temporary file
unix
In swtpm before 0.4.2 and 0.5.x before 0.5.1, a local attacker may be able to overwrite arbitrary files via a symlink attack against a temporary file such as TMP2-00.permall.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | swtpm | < 0.7.1-1.3 | swtpm_0.7.1-1.3_all.deb |
| Debian | 999 | all | swtpm | < 0.7.1-1.4 | swtpm_0.7.1-1.4_all.deb |
| Debian | 13 | all | swtpm | < 0.7.1-1.4 | swtpm_0.7.1-1.4_all.deb |
Related
archlinux
archlinux
[ASA-202011-21] swtpm: privilege escalation
2020-11-19 00:00:00
openvas
openvas
Fedora: Security Advisory for swtpm (FEDORA-2020-c707fcb91f)
2020-11-27 00:00:00
Fedora: Security Advisory for swtpm (FEDORA-2020-00d28cf56b)
2020-11-27 00:00:00
nessus
nessus
CentOS 9 : swtpm-0.6.0-3.20210607gitea627b3.el9
2024-02-29 00:00:00
RHEL 8 : swtpm (Unpatched Vulnerability)
2024-05-11 00:00:00
prion
prion
Code injection
2023-11-03 04:15:00
cvelist
cvelist
CVE-2020-28407
2023-11-03 00:00:00
osv
osv
CVE-2020-28407
2023-11-03 04:15:15
cve
cve
CVE-2020-28407
2023-11-03 04:15:00
redhatcve
redhatcve
CVE-2020-28407
2021-05-25 14:57:02
ubuntucve
ubuntucve
CVE-2020-28407
2023-11-03 00:00:00