PT-2012-1247 · Gnu+5 · Shadow+5

Florian Weimer

Published

2012-12-06

Updated

2026-04-09

CVE-2013-4235

CVSS v3.1

4.7

Medium

Vector

AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions shadow (affected versions not specified)

Description The issue is related to a TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees. This can be exploited to compromise data integrity and cause a denial of service. The vulnerability is associated with insufficient checking of the state of a shared resource.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Time Of Check To Time Of Use

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-367

Related Identifiers

BDU:2023-07601

CVE-2013-4235

MGASA-2022-0455

OESA-2023-1828

OESA-2023-1849

OESA-2023-1850

OESA-2023-1851

OESA-2023-1852

OPENSUSE-SU-2024:11749-1

OPENSUSE-SU-2024_2658-1

SUSE-RU-2026:1228-1

SUSE-SU-2024:2603-1

SUSE-SU-2024:2630-1

SUSE-SU-2024:2648-1

SUSE-SU-2024:2657-1

SUSE-SU-2024:2658-1

SUSE-SU-2024:2659-1

SUSE-SU-2024:2804-1

SUSE-SU-2024:2805-1

SUSE-SU-2024:2806-1

SUSE-SU-2024:2807-1

SUSE-SU-2024:2808-1

SUSE-SU-2024:2809-1

SUSE-SU-2024_2603-1

SUSE-SU-2024_2630-1

SUSE-SU-2024_2648-1

SUSE-SU-2024_2658-1

SUSE-SU-2024_2804-1

SUSE-SU-2024_2805-1

SUSE-SU-2024_2808-1

SUSE-SU-2025:0292-1

SUSE-SU-2025_0292-1

USN-5745-1

USN-5745-2

Affected Products

Astra Linux

Debian

Linuxmint

Suse

Ubuntu

Shadow

PT-2012-1247 · Gnu+5 · Shadow+5

CVE-2013-4235

Weakness Enumeration

Related Identifiers

Affected Products

References · 92