CVE-2019-12450

Published: 29 May 2019

file_copy_fallback in gio/gfile.c in GNOME GLib 2.15.0 through 2.61.1 does not properly restrict file permissions while a copy operation is in progress. Instead, default permissions are used.

Priority

Medium

CVSS 3 base score: 9.8

Status

Package Release Status
glib2.0
Launchpad, Ubuntu, Debian
Upstream Needs triage

Ubuntu 18.04 LTS (Bionic Beaver)
Released (2.56.4-0ubuntu0.18.04.3)
Ubuntu 16.04 ESM (Xenial Xerus)
Released (2.48.2-0ubuntu4.2)
Ubuntu 14.04 ESM (Trusty Tahr)
Released (2.40.2-0ubuntu1.1+esm1)
Patches:
Upstream: https://gitlab.gnome.org/GNOME/glib/commit/d8f8f4d637ce43f8699ba94c9b7648beda0ca174