Unrated severityNVD Advisory· Published Dec 11, 2009· Updated Apr 23, 2026
CVE-2009-4135
CVE-2009-4135
Description
The distcheck rule in dist-check.mk in GNU coreutils 5.2.1 through 8.1 allows local users to gain privileges via a symlink attack on a file in a directory tree under /tmp.
Affected products
31cpe:2.3:a:gnu:coreutils:5.2.1:*:*:*:*:*:*:*+ 25 more
- cpe:2.3:a:gnu:coreutils:5.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:coreutils:5.91:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:coreutils:5.92:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:coreutils:5.93:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:coreutils:5.94:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:coreutils:5.95:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:coreutils:5.96:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:coreutils:5.97:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:coreutils:6.10:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:coreutils:6.11:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:coreutils:6.12:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:coreutils:6.2:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:coreutils:6.3:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:coreutils:6.4:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:coreutils:6.5:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:coreutils:6.6:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:coreutils:6.7:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:coreutils:6.8:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:coreutils:6.9:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:coreutils:7.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:coreutils:7.2:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:coreutils:7.3:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:coreutils:7.4:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:coreutils:7.5:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:coreutils:7.6:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:coreutils:8.1:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*+ 2 more
- cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:fedoraproject:fedora:11:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:fedoraproject:fedora:11:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:12:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
16- git.savannah.gnu.org/cgit/coreutils.git/commit/nvdIssue TrackingPatch
- marc.infonvdMailing ListPatchThird Party Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingPatch
- www.openwall.com/lists/oss-security/2009/12/08/4nvdMailing ListThird Party Advisory
- www.securityfocus.com/bid/37256nvdThird Party AdvisoryVDB Entry
- www.ubuntu.com/usn/USN-2473-1nvdThird Party Advisory
- www.redhat.com/archives/fedora-package-announce/2009-December/msg00954.htmlnvdThird Party Advisory
- www.redhat.com/archives/fedora-package-announce/2009-December/msg00972.htmlnvdThird Party Advisory
- www.vupen.com/english/advisories/2009/3453nvdPermissions Required
- secunia.com/advisories/37645nvd
- secunia.com/advisories/37860nvd
- secunia.com/advisories/62226nvd
- www.mail-archive.com/bug-coreutils%40gnu.org/msg18779.htmlnvd
- www.mail-archive.com/bug-coreutils%40gnu.org/msg18787.htmlnvd
- www.osvdb.org/60853nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/54673nvd
News mentions
0No linked articles in our index yet.