First published: Thu Jan 10 2019(Updated: )
Debian tmpreaper version 1.6.13+nmu1 has a race condition when doing a (bind) mount via rename() which could result in local privilege escalation. Mounting via rename() could potentially lead to a file being placed elsewhereon the filesystem hierarchy (e.g. /etc/cron.d/) if the directory being cleaned up was on the same physical filesystem. Fixed versions include 1.6.13+nmu1+deb9u1 and 1.6.14.
Credit: security@debian.org security@debian.org
Affected Software | Affected Version | How to fix |
---|---|---|
Debian tmpreaper | =1.6.13\+nmu1 | |
Debian Debian Linux | =8.0 | |
Debian Debian Linux | =9.0 | |
debian/tmpreaper | 1.6.14+nmu2 1.6.17 1.6.17+nmu1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.