First published: Tue Jun 08 2010(Updated: )
dpkg 1.9.21 does not properly reset the metadata of a file during replacement of the file in a package upgrade, which might allow local users to gain privileges by creating a hard link to a vulnerable (1) setuid file, (2) setgid file, or (3) device, a related issue to CVE-2010-2059.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Debian dpkg | =1.9.21 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.