CVE-2019-13229
Affected software: deepin-clone up to version 1.1.3. Root cause: Helper::getPartitionSizeInfo writes a log at /tmp/partclone.log and follows symlinks, enabling an unprivileged user to perform a symlink attack to create or overwrite arbitrary filesystem files. Impact: local, unprivileged attacker ...