VDB
CVE-2012-1174
CVE-2012-1174
PUBLISHED
CVSS 3.299999952316284 LOW
The rm_rf_children function in util.c in the systemd-logind login manager in systemd before 44, when logging out, allows local users to delete arbitrary files via a symlink attack on unspecified files, related to "particular records related with user session."
EPSS 0.12% · 30.2th percentile
Risk Scores
CVSS 2.0
3.299999952316284
EPSS Score
0.12%
30.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| linux | systemd | 43 |
| n/a | n/a | n/a |
Timeline
- Jul 12, 2012 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 2, 2023 EPSS Score
- May 25, 2023 EPSS Score
References
- http://cgit.freedesktop.org/systemd/systemd/commit/?id=5ebff5337594d690b322078c512eb222d34aaa82 url
- https://bugzilla.redhat.com/show_bug.cgi?id=803358 url
- FEDORA-2012-6456 vendor-advisory
- [oss-security] 20120316 [Notification] CVE-2012-1174 systemd: TOCTOU race condition by removing user session mailing-list
- MDVSA-2012:030 vendor-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2012-1174 advisory