The _rl_tropen function in util.c in GNU readline before 6.3 patch 3 allows local users to create or overwrite arbitrary files via a symlink attack on a /var/tmp/rltrace.[PID] file.
2014-08-20T14:55:05.860
2025-04-12T10:46:40.837
Deferred
CVSSv2: 3.3 (LOW)
AV:L/AC:M/Au:N/C:N/I:P/A:P
3.4
4.9
Type | Vendor | Product | Version/Range | Vulnerable? |
---|---|---|---|---|
Operating System | mageia | mageia | 3.0 | Yes |
Operating System | mageia | mageia | 4.0 | Yes |
Application | gnu | readline | ≤ 6.3 | Yes |
Application | gnu | readline | 2.1 | Yes |
Application | gnu | readline | 2.2 | Yes |
Application | gnu | readline | 4.0 | Yes |
Application | gnu | readline | 4.1 | Yes |
Application | gnu | readline | 4.2 | Yes |
Application | gnu | readline | 4.2 | Yes |
Application | gnu | readline | 4.3 | Yes |
Application | gnu | readline | 5.0 | Yes |
Application | gnu | readline | 5.1 | Yes |
Application | gnu | readline | 5.2 | Yes |
Application | gnu | readline | 6.0 | Yes |
Application | gnu | readline | 6.1 | Yes |
Application | gnu | readline | 6.2 | Yes |
Operating System | opensuse | opensuse | 12.3 | Yes |
Operating System | opensuse | opensuse | 13.1 | Yes |
Operating System | fedoraproject | fedora | 20 | Yes |