id3lib

Page content
  • Author: voroskoi
  • Vulnerable: 3.8.3-3
  • Unaffected: 3.8.3-4terminus1

Nikolaus Schulz has reported a security issue in id3lib, which can be exploited by malicious, local users to gain escalated privileges. The security issue is caused due to the “RenderV2ToFile()” function in src/tag_file.cpp handling temporary files in an insecure manner. This can be exploited to execute arbitrary commands with escalated privileges (usually root user).

CVEs: