It was found that system umask policy is not being honored when creating XDG user directories, since Xsession sources xdg-user-dirs.sh before setting umask policy. This only affects xdg-user-dirs before 0.15.5 as shipped with Red Hat Enterprise Linux.
References
Configurations
History
12 Feb 2023, 23:28
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-284 | |
Summary | It was found that system umask policy is not being honored when creating XDG user directories, since Xsession sources xdg-user-dirs.sh before setting umask policy. This only affects xdg-user-dirs before 0.15.5 as shipped with Red Hat Enterprise Linux. | |
References |
|
02 Feb 2023, 15:17
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-276 | |
References |
|
|
Summary | It was found that the system umask policy is not being honored when creating XDG user directories (~/Desktop etc) on first login. This could lead to user's files being inadvertently exposed to other local users. |
25 Feb 2021, 17:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
CWE | CWE-284 |
Information
Published : 2018-01-09 21:29
Updated : 2023-12-10 12:15
NVD link : CVE-2017-15131
Mitre link : CVE-2017-15131
CVE.ORG link : CVE-2017-15131
JSON object : View
Products Affected
freedesktop
- xdg-user-dirs
redhat
- enterprise_linux