Race Condition Vulnerability in GNOME gvfs Affected by Privileged Access Flaw

CVE-2019-12448

What is CVE-2019-12448?

A vulnerability in GNOME gvfs versions 1.29.4 to 1.41.2 presents a race condition due to the admin backend's lack of implementation for query_info_on_read/write operations. This oversight can lead to unauthorized access to privileged files, enabling malicious users or applications to exploit this flaw for potential data leakage or unauthorized modifications.

References