Note:
This project will be discontinued after December 13, 2021. [more]
2019-05-29
An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gvfsbackendadmin.c has race conditions because the admin backend doesn't implement query_info_on_read/write.
Products | Gvfs |
Type | Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') (CWE-362) |
First patch | - None (likely due to unavailable code) |
Links |
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M2DQVOL5H5BVLXYCEB763DCIYJQ7ZUQ2/
• http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00009.html • https://gitlab.gnome.org/GNOME/gvfs/commit/764e9af7522e3096c0f44613c330377d31c9bbb5 • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FP6BFQUPQRVRRFIYHFWWB6RHJNEB4LGQ/ • https://usn.ubuntu.com/4053-1/ |