7 matches found
Ubuntu 19.10 : Timeshift vulnerability (USN-4312-1)
Matthias Gerstner discovered that Timeshift did not securely create temporary files. An attacker could exploit a race condition in Timeshift and potentially execute arbitrary commands as root. Note that Tenable Network Security has extracted the preceding description block directly from the Ubunt...
Fedora 30 : timeshift (2020-1050d60507)
Security fix for CVE-2020-10174 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Network...
Fedora 31 : timeshift (2020-6b3ae09449)
Security fix for CVE-2020-10174 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Network...
CVE-2020-10174
inittmp in TeeJee.FileSystem.vala in Timeshift before 20.03 unsafely reuses a preexisting temporary directory in the predictable location /tmp/timeshift. It follows symlinks in this location or uses directories owned by unprivileged users. Because Timeshift also executes scripts under this...
CVE-2020-10174
inittmp in TeeJee.FileSystem.vala in Timeshift before 20.03 unsafely reuses a preexisting temporary directory in the predictable location /tmp/timeshift. It follows symlinks in this location or uses directories owned by unprivileged users. Because Timeshift also executes scripts under this...
CVE-2020-10174
CVE-2020-10174 affects Timeshift prior to 20.03, where init_tmp reuses a preexisting /tmp/timeshift directory and may follow symlinks or use directories owned by unprivileged users. The resulting race condition can allow an attacker to replace Timeshift-created scripts with attacker-controlled sc...
CVE-2020-10174
inittmp in TeeJee.FileSystem.vala in Timeshift before 20.03 unsafely reuses a preexisting temporary directory in the predictable location /tmp/timeshift. It follows symlinks in this location or uses directories owned by unprivileged users. Because Timeshift also executes scripts under this...