CVE Vulnerabilities

CVE-2013-0296

Published: Apr 27, 2014 | Modified: Apr 28, 2014
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.4 MEDIUM
AV:L/AC:M/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Race condition in pigz before 2.2.5 uses permissions derived from the umask when compressing a file before setting that files permissions to match those of the original file, which might allow local users to bypass intended access permissions while compression is occurring.

Affected Software

Name Vendor Start Version End Version
Pigz Zlib * 2.2.4-1

References