CVE-2009-1299

Published: 18 March 2010

The pa_make_secure_dir function in core-util.c in PulseAudio 0.9.10 and 0.9.19 allows local users to change the ownership and permissions of arbitrary files via a symlink attack on a /tmp/.esd-##### temporary file.

Priority

Status

Package	Release	Status
pulseaudio Launchpad, Ubuntu, Debian	dapper	Does not exist
	hardy	Ignored (end of life)
	intrepid	Ignored (end of life, was needed)
	jaunty	Ignored (end of life)
	karmic	Ignored (end of life)
	lucid	Released (1:0.9.22~0.9.21+stable-queue-32-g8478-0ubuntu12)
	maverick	Not vulnerable
	natty	Not vulnerable
	upstream	Released (0.9.22)
	Patches: upstream: http://git.0pointer.de/?p=pulseaudio.git;a=patch;h=d3efa43d85ac132c6a5a416a2b6f2115f5d577ee

References

https://www.cve.org/CVERecord?id=CVE-2009-1299
NVD
Launchpad
Debian

Bugs

https://bugs.edge.launchpad.net/ubuntu/+source/pulseaudio/+bug/509008
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=573615

Join the discussion

Ubuntu security updates mailing list
Security announcements mailing list

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›