xfsprogs-xfsdump
Page content
- Author: voroskoi
- Vulnerable: 2.2.38_1-2
- Unaffected: 2.2.45_1-1terminus1
Paul Martin has reported a security issue in xfsdump, which can be exploited by malicious, local users to disclose potentially sensitive information or manipulate data. The security issue is caused due to xfs_fsr creating a temporary directory with insecure permissions within the function “tmp_init()” in fsr/xfs_fsr.c. This can be exploited to read or overwrite files created in this directory or subdirectories, potentially allowing for the disclosure of sensitive information or data manipulation.
- Bug Tracker URL: http://bugs.frugalware.org/task/2122