Lucene search
PRIOn knowledge basePRION:CVE-2019-13226HistoryJul 04, 2019 - 12:15 p.m.
Race condition
2019-07-0412:15:00
PRIOn knowledge base
www.prio-n.com
4
deepin-clone before 1.1.3 uses a predictable path /tmp/.deepin-clone/mount/<block-dev-basename> in the Helper::temporaryMountDevice() function to temporarily mount a file system as root. An unprivileged user can prepare a symlink at this location to have the file system mounted in an arbitrary location. By winning a race condition, the attacker can also enter the mount point, thereby preventing a subsequent unmount of the file system.
| CPE | Name | Operator | Version |
|---|---|---|---|
| deepin-clone | lt | 1.1.3 | |
| fedora | eq | 30 |
Related
osv
osv
CVE-2019-13226
2019-07-04 12:15:10
redhatcve
redhatcve
CVE-2019-13226
2022-05-21 00:17:42
cvelist
cvelist
CVE-2019-13226
2019-07-04 11:32:50
nvd
nvd
CVE-2019-13226
2019-07-04 12:15:10
cve
cve
CVE-2019-13226
2019-07-04 12:15:10
openvas
openvas
Fedora Update for deepin-clone FEDORA-2019-3d418f349c
2019-07-29 00:00:00
Fedora Update for dtkwidget FEDORA-2019-3d418f349c
2019-07-29 00:00:00
Fedora Update for dtkcore FEDORA-2019-3d418f349c
2019-07-29 00:00:00
nessus
nessus
Fedora 30 : deepin-clone / dtkcore / dtkwidget (2019-3d418f349c)
2019-07-29 00:00:00
fedora
fedora
[SECURITY] Fedora 30 Update: deepin-clone-1.1.4-1.fc30
2019-07-28 01:23:57
[SECURITY] Fedora 30 Update: dtkcore-2.0.16.1-1.fc30
2019-07-28 01:23:57
[SECURITY] Fedora 30 Update: dtkwidget-2.0.16.1-1.fc30
2019-07-28 01:23:57