file_copy_fallback in gio/gfile.c in GNOME GLib 2.15.0 through 2.61.1 does not properly restrict file permissions while a copy operation is in progress. Instead, default permissions are used.
References
Link | Resource |
---|---|
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00076.html | Third Party Advisory |
https://access.redhat.com/errata/RHSA-2019:3530 | Third Party Advisory |
https://gitlab.gnome.org/GNOME/glib/commit/d8f8f4d637ce43f8699ba94c9b7648beda0ca174 | Patch Vendor Advisory |
https://lists.debian.org/debian-lts-announce/2019/06/msg00013.html | Mailing List Third Party Advisory |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2W4WIOAGO3M743M5KZLVQZM3NGHQDYLI/ | |
https://security.netapp.com/advisory/ntap-20190606-0003/ | Third Party Advisory |
https://usn.ubuntu.com/4014-1/ | Third Party Advisory |
https://usn.ubuntu.com/4014-2/ | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
Configuration 6 (hide)
|
History
07 Nov 2023, 03:03
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
24 Mar 2023, 18:29
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:* cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:* cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:* |
|
First Time |
Redhat enterprise Linux Eus
Fedoraproject Redhat enterprise Linux Redhat Canonical Debian Opensuse leap Canonical ubuntu Linux Redhat enterprise Linux Server Tus Fedoraproject fedora Redhat enterprise Linux Server Aus Debian debian Linux Opensuse |
|
References | (UBUNTU) https://usn.ubuntu.com/4014-1/ - Third Party Advisory | |
References | (SUSE) http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00076.html - Third Party Advisory | |
References | (MLIST) https://lists.debian.org/debian-lts-announce/2019/06/msg00013.html - Mailing List, Third Party Advisory | |
References | (CONFIRM) https://security.netapp.com/advisory/ntap-20190606-0003/ - Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2W4WIOAGO3M743M5KZLVQZM3NGHQDYLI/ - Mailing List, Third Party Advisory | |
References | (REDHAT) https://access.redhat.com/errata/RHSA-2019:3530 - Third Party Advisory | |
References | (UBUNTU) https://usn.ubuntu.com/4014-2/ - Third Party Advisory |
Information
Published : 2019-05-29 17:29
Updated : 2023-12-10 12:59
NVD link : CVE-2019-12450
Mitre link : CVE-2019-12450
CVE.ORG link : CVE-2019-12450
JSON object : View
Products Affected
redhat
- enterprise_linux_server_tus
- enterprise_linux_server_aus
- enterprise_linux
- enterprise_linux_eus
gnome
- glib
opensuse
- leap
debian
- debian_linux
canonical
- ubuntu_linux
fedoraproject
- fedora