CVE-2012-1174 — Vulnetix

Try Vulnetix Request Demo

CVE-2012-1174 PUBLISHED CVSS 3.299999952316284 LOW

The rm_rf_children function in util.c in the systemd-logind login manager in systemd before 44, when logging out, allows local users to delete arbitrary files via a symlink attack on unspecified files, related to "particular records related with user session."

EPSS 0.12% · 30.6th percentile

Risk Scores

CVSS v2.0

3.299999952316284

EPSS Score

0.12%

30.6th percentile

Affected Products

Vendor	Product	Versions
linux	systemd	43
n/a	n/a	n/a

Timeline

Jul 12, 2012 CVE Published
Feb 4, 2022 EPSS Score
Mar 28, 2022 EPSS Score
May 19, 2022 EPSS Score
Jul 10, 2022 EPSS Score
Sep 1, 2022 EPSS Score
Oct 23, 2022 EPSS Score
Dec 14, 2022 EPSS Score
Feb 4, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 28, 2023 EPSS Score
May 19, 2023 EPSS Score

References

http://cgit.freedesktop.org/systemd/systemd/commit/?id=5ebff5337594d690b322078c512eb222d34aaa82 url
https://bugzilla.redhat.com/show_bug.cgi?id=803358 url
FEDORA-2012-6456 vendor-advisory
[oss-security] 20120316 [Notification] CVE-2012-1174 systemd: TOCTOU race condition by removing user session mailing-list
MDVSA-2012:030 vendor-advisory
https://nvd.nist.gov/vuln/detail/CVE-2012-1174 advisory

Open in Interactive Console →