Updated coreutils packages fix security vulnerabilities
Publication date: 08 Jan 2019Modification date: 08 Jan 2019
Type: security
Affected Mageia releases : 6
CVE: CVE-2017-18018 , CVE-2018-17942
Description
A flaw was found in GNU Coreutils through 8.29 in chown-core.c. The functions chown and chgrp do not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition (CVE-2017-18018). A flaw was found in Gnulib before 2018-09-23. The convert_to_decimal function in vasnprintf.c has a heap-based buffer overflow because memory is not allocated for a trailing '\0' character during %f processing (CVE-2018-17942).
References
- https://bugs.mageia.org/show_bug.cgi?id=23825
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/JK2ISMPYUEU3JS3L7AVXEHWCI56INCJJ/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/4ZP6L5HXDOVKYTM5ELLYE64H75MT4LZR/
- https://bugs.mageia.org/show_bug.cgi?id=22495
- https://bugs.mageia.org/show_bug.cgi?id=23825
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18018
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17942
SRPMS
6/core
- coreutils-8.25-3.1.mga6