First published: Mon Aug 31 2020(Updated: )
checkinstall 1.6.2, when used to create a package that contains a symlink, may trigger the creation of a mode 0777 executable file.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Canonical Checkinstall | =1.6.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-25031 is a vulnerability in checkinstall 1.6.2 that occurs when creating a package containing a symlink, leading to the creation of a mode 0777 executable file.
CVE-2020-25031 has a severity rating of 7.8 (high).
Checkinstall version 1.6.2 is affected by CVE-2020-25031.
CVE-2020-25031 is associated with CWE ID 59.
Yes, you can find more information about CVE-2020-25031 at the following link: https://bugs.launchpad.net/ubuntu/+source/checkinstall/+bug/1861281