Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
dpkg-deb: Fix cleanup for control member with restricted directories
Vulnerability Description
It was discovered that dpkg-deb does not properly sanitize directory permissions when extracting a control member into a temporary directory, which is documented as being a safe operation even on untrusted data. This may result in leaving temporary files behind on cleanup. Given automated and repeated execution of dpkg-deb commands on adversarial .deb packages or with well compressible files, placed inside a directory with permissions not allowing removal by a non-root user, this can end up in a DoS scenario due to causing disk quota exhaustion or disk full conditions.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
dpkg-deb 安全漏洞
Vulnerability Description
dpkg-deb是Debian社区的一个Linux中的软件包管理器。 dpkg-deb存在安全漏洞,该漏洞源于目录权限清理不当,可能导致拒绝服务攻击。
CVSS Information
N/A
Vulnerability Type
N/A