Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
init_tmp in TeeJee.FileSystem.vala in Timeshift before 20.03 unsafely reuses a preexisting temporary directory in the predictable location /tmp/timeshift. It follows symlinks in this location or uses directories owned by unprivileged users. Because Timeshift also executes scripts under this location, an attacker can attempt to win a race condition to replace scripts created by Timeshift with attacker-controlled scripts. Upon success, an attacker-controlled script is executed with full root privileges. This logic is practically always triggered when Timeshift runs regardless of the command-line arguments used.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Timeshift 后置链接漏洞
Vulnerability Description
Timeshift是一款Linux系统还原工具。该产品支持创建文件系统快照,并提供快照恢复等功能。 Timeshift 20.03之前版本中存在后置链接漏洞,该漏洞源于TeeJee.FileSystem.vala文件的‘init_tmp’函数在可预测的/tmp/timeshift位置重用了之前存在的临时路径。攻击者可利用该漏洞以root权限执行其控制的脚本。
CVSS Information
N/A
Vulnerability Type
N/A