Lucene search
GoogleOSV:CVE-2019-13229HistoryJul 04, 2019 - 12:15 p.m.
CVE-2019-13229
2019-07-0412:15:10
Google
osv.dev
4
deepin-clone before 1.1.3 uses a fixed path /tmp/partclone.log in the Helper::getPartitionSizeInfo() function to write a log file as root, and follows symlinks there. An unprivileged user can prepare a symlink attack there to create or overwrite files in arbitrary file system locations. The content is not attacker controlled.
References
Related
nvd
nvd
CVE-2019-13229
2019-07-04 12:15:10
cvelist
cvelist
CVE-2019-13229
2019-07-04 11:33:16
cve
cve
CVE-2019-13229
2019-07-04 12:15:10
prion
prion
Code injection
2019-07-04 12:15:00
openvas
openvas
Fedora Update for dtkcore FEDORA-2019-3d418f349c
2019-07-29 00:00:00
Fedora Update for dtkwidget FEDORA-2019-3d418f349c
2019-07-29 00:00:00
Fedora Update for deepin-clone FEDORA-2019-3d418f349c
2019-07-29 00:00:00
fedora
fedora
[SECURITY] Fedora 30 Update: dtkcore-2.0.16.1-1.fc30
2019-07-28 01:23:57
[SECURITY] Fedora 30 Update: deepin-clone-1.1.4-1.fc30
2019-07-28 01:23:57
[SECURITY] Fedora 30 Update: dtkwidget-2.0.16.1-1.fc30
2019-07-28 01:23:57
nessus
nessus
Fedora 30 : deepin-clone / dtkcore / dtkwidget (2019-3d418f349c)
2019-07-29 00:00:00