Race Condition in gzip Product by Multiple Vendors
CVE-2005-0988

Currently unrated

Key Information:

Vendor
Gnu
Status
Vendor
CVE Published:
2 May 2005

Summary

A race condition vulnerability in the gzip compression utility allows local users to exploit a timing issue when decompressing gzipped files. By performing a hard link attack on a file during the decompression process, an attacker can modify the file permissions of arbitrary files once gzip completes its operation. This can lead to unauthorized access or control over sensitive files, as the permissions may be altered by the gzip tool post-decompression.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.