VDB
GCVE-110-MAGEIA-2014-319
GCVE-110-MAGEIA-2014-319
Advisory Published
Steve Kemp discovered the _rl_tropen() function in readline insecurely handled
a temporary file. This could allow a local attacker to perform symbolic link
attacks (CVE-2014-2524).
Also, upstream patches have been added to fix an infinite loop in vi input
mode, and to fix an issue with slowness when pasting text.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | readline | 6.2-9.1.mga4 (unaffected), 0 (affected) | — |
| Mageia | readline | 0 (affected), 6.2-7.1.mga3 (unaffected) | — |
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.