Race Condition in Logrotate Affects Local Users by Revealing Log Data
CVE-2011-1098

Currently unrated

Key Information:

Vendor

Gentoo

Status
Logrotate
Vendor
CVE Published:
30 March 2011

What is CVE-2011-1098?

The race condition in the createOutputFile function of logrotate prior to version 3.8.0 allows unauthorized local users to read log data by exploiting the timing of permission checks. Malicious users can open a target file before the intended permissions are established, leading to potential exposure of sensitive log information.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://openwall.com/lists/oss-security/2011/03/04/19
mailing-listx_refsource_MLIST
http://openwall.com/lists/oss-security/2011/03/04/16
mailing-listx_refsource_MLIST
http://openwall.com/lists/oss-security/2011/03/04/25
mailing-listx_refsource_MLIST

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.