VYPR
Medium severity4.7NVD Advisory· Published May 2, 2005· Updated Jun 16, 2026

CVE-2005-1111

CVE-2005-1111

Description

Race condition in cpio 2.6 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by cpio after the decompression is complete.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

6
  • GNU/Cpio2 versions
    cpe:2.3:a:gnu:cpio:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:gnu:cpio:*:*:*:*:*:*:*:*range: <=2.6
    • (no CPE)range: <=2.6
  • cpe:2.3:o:canonical:ubuntu_linux:4.10:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:canonical:ubuntu_linux:4.10:*:*:*:*:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:5.04:*:*:*:*:*:*:*
  • Debian/linux2 versions
    cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*
    • cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*

Patches

Vulnerability mechanics

References

19

News mentions

0

No linked articles in our index yet.