ALT-PU-2019-2780-1
Closed vulnerabilities
Published: 2019-06-01
BDU:2019-04780
Уязвимость функции file_copy_fallback() библиотеки Glib, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
Severity: CRITICAL (9.8)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2019-05-29
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2019-12450
file_copy_fallback in gio/gfile.c in GNOME GLib 2.15.0 through 2.61.1 does not properly restrict file permissions while a copy operation is in progress. Instead, default permissions are used.
Severity: CRITICAL (9.8)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References:
- openSUSE-SU-2019:1650
- openSUSE-SU-2019:1650
- RHSA-2019:3530
- RHSA-2019:3530
- https://gitlab.gnome.org/GNOME/glib/commit/d8f8f4d637ce43f8699ba94c9b7648beda0ca174
- https://gitlab.gnome.org/GNOME/glib/commit/d8f8f4d637ce43f8699ba94c9b7648beda0ca174
- [debian-lts-announce] 20190618 [SECURITY] [DLA 1826-1] glib2.0 security update
- [debian-lts-announce] 20190618 [SECURITY] [DLA 1826-1] glib2.0 security update
- FEDORA-2019-c18d2bd1bd
- FEDORA-2019-c18d2bd1bd
- https://security.netapp.com/advisory/ntap-20190606-0003/
- https://security.netapp.com/advisory/ntap-20190606-0003/
- USN-4014-1
- USN-4014-1
- USN-4014-2
- USN-4014-2