CVE-2019-14207

An issue was discovered in Foxit PhantomPDF before 8.3.11. The application could crash when calling the clone function due to an endless loop resulting from confusing relationships between a child and parent object caused by an append error...

Unspecified vulnerability in deepin-clone (CNVD-2019-23972)

deepin-clone is a disk and partition backup/recovery tool. A security vulnerability exists in deepin-clone versions prior to 1.1.3. An attacker can exploit the vulnerability to create or overwrite files at arbitrary locations on the file system...

Unspecified vulnerability in deepin-clone (CNVD-2019-23981)

deepin-clone is a disk and partition backup/recovery tool. A security vulnerability exists in deepin-clone versions prior to 1.1.3. An attacker can exploit the vulnerability to create or overwrite files anywhere on the file system...

Unspecified vulnerability in deepin-clone (CNVD-2019-23973)

deepin-clone is a disk and partition backup/recovery tool. A security vulnerability exists in deepin-clone versions prior to 1.1.3. An attacker can exploit the vulnerability to gain access to mount points and prevent file system unmounting...

CVE-2019-13226

deepin-clone before 1.1.3 uses a predictable path /tmp/.deepin-clone/mount/ in the Helper::temporaryMountDevice function to temporarily mount a file system as root. An unprivileged user can prepare a symlink at this location to have the file system mounted in an arbitrary location. By winning a...

CVE-2019-13229

deepin-clone before 1.1.3 uses a fixed path /tmp/partclone.log in the Helper::getPartitionSizeInfo function to write a log file as root, and follows symlinks there. An unprivileged user can prepare a symlink attack there to create or overwrite files in arbitrary file system locations. The content...

CVE-2019-13228

deepin-clone before 1.1.3 uses a fixed path /tmp/repo.iso in the BootDoctor::fix function to download an ISO file, and follows symlinks there. An unprivileged user can prepare a symlink attack there to create or overwrite files in arbitrary file system locations. The content is not attacker...

CVE-2019-13227

In GUI mode, deepin-clone before 1.1.3 creates a log file at the fixed path /tmp/.deepin-clone.log as root, and follows symlinks there. An unprivileged user can prepare a symlink attack there to create or overwrite files in arbitrary file system locations. The content is not attacker controlled...

CVE-2019-13229

deepin-clone before 1.1.3 uses a fixed path /tmp/partclone.log in the Helper::getPartitionSizeInfo function to write a log file as root, and follows symlinks there. An unprivileged user can prepare a symlink attack there to create or overwrite files in arbitrary file system locations. The content...

CVE-2019-13227

In GUI mode, deepin-clone before 1.1.3 creates a log file at the fixed path /tmp/.deepin-clone.log as root, and follows symlinks there. An unprivileged user can prepare a symlink attack there to create or overwrite files in arbitrary file system locations. The content is not attacker controlled...

CVE-2019-13226

deepin-clone before 1.1.3 uses a predictable path /tmp/.deepin-clone/mount/ in the Helper::temporaryMountDevice function to temporarily mount a file system as root. An unprivileged user can prepare a symlink at this location to have the file system mounted in an arbitrary location. By winning a...

Code injection

deepin-clone before 1.1.3 uses a fixed path /tmp/partclone.log in the Helper::getPartitionSizeInfo function to write a log file as root, and follows symlinks there. An unprivileged user can prepare a symlink attack there to create or overwrite files in arbitrary file system locations. The content...

Race condition

deepin-clone before 1.1.3 uses a predictable path /tmp/.deepin-clone/mount/ in the Helper::temporaryMountDevice function to temporarily mount a file system as root. An unprivileged user can prepare a symlink at this location to have the file system mounted in an arbitrary location. By winning a...

Code injection

In GUI mode, deepin-clone before 1.1.3 creates a log file at the fixed path /tmp/.deepin-clone.log as root, and follows symlinks there. An unprivileged user can prepare a symlink attack there to create or overwrite files in arbitrary file system locations. The content is not attacker controlled...

Race condition

deepin-clone before 1.1.3 uses a fixed path /tmp/repo.iso in the BootDoctor::fix function to download an ISO file, and follows symlinks there. An unprivileged user can prepare a symlink attack there to create or overwrite files in arbitrary file system locations. The content is not attacker...

CVE-2019-13229

Affected software: deepin-clone up to version 1.1.3. Root cause: Helper::getPartitionSizeInfo writes a log at /tmp/partclone.log and follows symlinks, enabling an unprivileged user to perform a symlink attack to create or overwrite arbitrary filesystem files. Impact: local, unprivileged attacker ...

CVE-2019-13229

deepin-clone before 1.1.3 uses a fixed path /tmp/partclone.log in the Helper::getPartitionSizeInfo function to write a log file as root, and follows symlinks there. An unprivileged user can prepare a symlink attack there to create or overwrite files in arbitrary file system locations. The content...

CVE-2019-13228

Per the provided documents, CVE-2019-13228 affects the Deepin tool deepin-clone prior to version 1.1.3, which uses a fixed path /tmp/repo.iso in BootDoctor::fix() and follows symlinks. This enables a local attacker to leverage a symlink race to replace /tmp/repo.iso with an attacker-controlled IS...

CVE-2019-13228

deepin-clone before 1.1.3 uses a fixed path /tmp/repo.iso in the BootDoctor::fix function to download an ISO file, and follows symlinks there. An unprivileged user can prepare a symlink attack there to create or overwrite files in arbitrary file system locations. The content is not attacker...

CVE-2019-13227

CVE-2019-13227 affects deepin-clone prior to 1.1.3, where GUI mode writes a log to /tmp/.deepin-clone.log as root and then follows symlinks. This enables a local unprivileged user to perform a symlink attack to create or overwrite files in arbitrary filesystem locations; the content is not attack...