Описание
The "make distcheck" rule in GNU Automake before 1.11.6 and 1.12.x before 1.12.2 grants world-writable permissions to the extraction directory, which introduces a race condition that allows local users to execute arbitrary code via unspecified vectors.
It was found that the distcheck rule in Automake-generated Makefiles made a directory world-writable when preparing source archives. If a malicious, local user could access this directory, they could execute arbitrary code with the privileges of the user running "make distcheck".
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | automake15 | Will not fix | ||
| Red Hat Enterprise Linux 5 | automake16 | Will not fix | ||
| Red Hat Enterprise Linux 5 | automake17 | Will not fix | ||
| Red Hat Enterprise Linux 6 | automake15 | Will not fix | ||
| Red Hat Enterprise Linux 6 | automake16 | Will not fix | ||
| Red Hat Enterprise Linux 5 | automake | Fixed | RHSA-2014:1243 | 16.09.2014 |
| Red Hat Enterprise Linux 6 | automake | Fixed | RHSA-2013:0526 | 20.02.2013 |
Показывать по
Дополнительная информация
Статус:
EPSS
3.7 Low
CVSS2
Связанные уязвимости
The "make distcheck" rule in GNU Automake before 1.11.6 and 1.12.x before 1.12.2 grants world-writable permissions to the extraction directory, which introduces a race condition that allows local users to execute arbitrary code via unspecified vectors.
The "make distcheck" rule in GNU Automake before 1.11.6 and 1.12.x before 1.12.2 grants world-writable permissions to the extraction directory, which introduces a race condition that allows local users to execute arbitrary code via unspecified vectors.
The "make distcheck" rule in GNU Automake before 1.11.6 and 1.12.x bef ...
The "make distcheck" rule in GNU Automake before 1.11.6 and 1.12.x before 1.12.2 grants world-writable permissions to the extraction directory, which introduces a race condition that allows local users to execute arbitrary code via unspecified vectors.
EPSS
3.7 Low
CVSS2