VDB

ALPINE-CVE-2019-12449

ALPINE-CVE-2019-12449 PUBLISHED CVSS 5.699999809265137 MEDIUM

An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gvfsbackendadmin.c mishandles a file's user and group ownership during move (and copy with G_FILE_COPY_ALL_METADATA) operations from admin:// to file:// URIs, because root privileges are unavailable.

Risk Scores

CVSS v3.1
5.699999809265137
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

Affected Products

VendorProductVersions
Alpine:v3.8gvfs0, 1.12.3-r0, 1.14.0-r0
Alpine:v3.7gvfs0, 1.12.3-r0, 1.14.0-r0

Timeline

  • May 29, 2019 CVE Published
  • Nov 19, 2025 CVE Updated
  • Apr 30, 2026 Distribution Patch

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›