PT-2012-1247 · Gnu+5 · Shadow+5

Florian Weimer

Publicado

2012-12-06

Atualizado

2026-04-09

CVE-2013-4235

CVSS v3.1

4.7

Média

Vetor

AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions shadow (affected versions not specified)

Description The issue is related to a TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees. This can be exploited to compromise data integrity and cause a denial of service. The vulnerability is associated with insufficient checking of the state of a shared resource.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Time Of Check To Time Of Use

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-367

Identificadores relacionados

BDU:2023-07601

CVE-2013-4235

MGASA-2022-0455

OESA-2023-1828

OESA-2023-1849

OESA-2023-1850

OESA-2023-1851

OESA-2023-1852

OPENSUSE-SU-2024:11749-1

OPENSUSE-SU-2024_2658-1

SUSE-RU-2026:1228-1

SUSE-SU-2024:2603-1

SUSE-SU-2024:2630-1

SUSE-SU-2024:2648-1

SUSE-SU-2024:2657-1

SUSE-SU-2024:2658-1

SUSE-SU-2024:2659-1

SUSE-SU-2024:2804-1

SUSE-SU-2024:2805-1

SUSE-SU-2024:2806-1

SUSE-SU-2024:2807-1

SUSE-SU-2024:2808-1

SUSE-SU-2024:2809-1

SUSE-SU-2024_2603-1

SUSE-SU-2024_2630-1

SUSE-SU-2024_2648-1

SUSE-SU-2024_2658-1

SUSE-SU-2024_2804-1

SUSE-SU-2024_2805-1

SUSE-SU-2024_2808-1

SUSE-SU-2025:0292-1

SUSE-SU-2025_0292-1

USN-5745-1

USN-5745-2

Produtos afetados

Astra Linux

Debian

Linuxmint

Suse

Ubuntu

Shadow

PT-2012-1247 · Gnu+5 · Shadow+5

CVE-2013-4235

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 92