pulseaudio
Page content
- Author: Miklos Vajna
- Vulnerable: 0.9.21-2
- Unaffected: 0.9.21-3locris1
This fixes a security issue, which can be exploited by malicious, local users to perform certain actions with escalated privileges. The security issue is caused due to the application performing chown() and chmod() calls without checking for symbolic links in existing directories. This can be exploited to e.g. change permissions and ownership of arbitrary files via symlink attacks.
- Bug Tracker URL: http://bugs.frugalware.org/task/4130