Unrated severityNVD Advisory· Published Mar 30, 2011· Updated Apr 29, 2026
CVE-2011-1098
CVE-2011-1098
Description
Race condition in the createOutputFile function in logrotate.c in logrotate 3.7.9 and earlier allows local users to read log data by opening a file before the intended permissions are in place.
Affected products
14cpe:2.3:a:gentoo:logrotate:*:*:*:*:*:*:*:*+ 13 more
- cpe:2.3:a:gentoo:logrotate:*:*:*:*:*:*:*:*range: <=3.7.9
- cpe:2.3:a:gentoo:logrotate:3.3:r2:*:*:*:*:*:*
- cpe:2.3:a:gentoo:logrotate:3.5.9:*:*:*:*:*:*:*
- cpe:2.3:a:gentoo:logrotate:3.5.9:r1:*:*:*:*:*:*
- cpe:2.3:a:gentoo:logrotate:3.6.5:*:*:*:*:*:*:*
- cpe:2.3:a:gentoo:logrotate:3.6.5:r1:*:*:*:*:*:*
- cpe:2.3:a:gentoo:logrotate:3.7:*:*:*:*:*:*:*
- cpe:2.3:a:gentoo:logrotate:3.7.1:*:*:*:*:*:*:*
- cpe:2.3:a:gentoo:logrotate:3.7.1:r1:*:*:*:*:*:*
- cpe:2.3:a:gentoo:logrotate:3.7.1:r2:*:*:*:*:*:*
- cpe:2.3:a:gentoo:logrotate:3.7.2:*:*:*:*:*:*:*
- cpe:2.3:a:gentoo:logrotate:3.7.6:*:*:*:*:*:*:*
- cpe:2.3:a:gentoo:logrotate:3.7.7:*:*:*:*:*:*:*
- cpe:2.3:a:gentoo:logrotate:3.7.8:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
43- lists.fedoraproject.org/pipermail/package-announce/2011-March/056992.htmlnvdPatch
- openwall.com/lists/oss-security/2011/03/04/16nvdPatch
- openwall.com/lists/oss-security/2011/03/07/11nvdPatch
- bugzilla.redhat.com/show_bug.cginvdPatch
- www.vupen.com/english/advisories/2011/0791nvdVendor Advisory
- lists.fedoraproject.org/pipermail/package-announce/2011-April/057845.htmlnvd
- openwall.com/lists/oss-security/2011/03/04/17nvd
- openwall.com/lists/oss-security/2011/03/04/18nvd
- openwall.com/lists/oss-security/2011/03/04/19nvd
- openwall.com/lists/oss-security/2011/03/04/22nvd
- openwall.com/lists/oss-security/2011/03/04/24nvd
- openwall.com/lists/oss-security/2011/03/04/25nvd
- openwall.com/lists/oss-security/2011/03/04/26nvd
- openwall.com/lists/oss-security/2011/03/04/27nvd
- openwall.com/lists/oss-security/2011/03/04/28nvd
- openwall.com/lists/oss-security/2011/03/04/29nvd
- openwall.com/lists/oss-security/2011/03/04/30nvd
- openwall.com/lists/oss-security/2011/03/04/31nvd
- openwall.com/lists/oss-security/2011/03/04/32nvd
- openwall.com/lists/oss-security/2011/03/04/33nvd
- openwall.com/lists/oss-security/2011/03/05/4nvd
- openwall.com/lists/oss-security/2011/03/05/6nvd
- openwall.com/lists/oss-security/2011/03/05/8nvd
- openwall.com/lists/oss-security/2011/03/06/3nvd
- openwall.com/lists/oss-security/2011/03/06/4nvd
- openwall.com/lists/oss-security/2011/03/06/5nvd
- openwall.com/lists/oss-security/2011/03/06/6nvd
- openwall.com/lists/oss-security/2011/03/07/5nvd
- openwall.com/lists/oss-security/2011/03/07/6nvd
- openwall.com/lists/oss-security/2011/03/08/5nvd
- openwall.com/lists/oss-security/2011/03/10/2nvd
- openwall.com/lists/oss-security/2011/03/10/3nvd
- openwall.com/lists/oss-security/2011/03/10/6nvd
- openwall.com/lists/oss-security/2011/03/10/7nvd
- openwall.com/lists/oss-security/2011/03/11/3nvd
- openwall.com/lists/oss-security/2011/03/11/5nvd
- openwall.com/lists/oss-security/2011/03/14/26nvd
- openwall.com/lists/oss-security/2011/03/23/11nvd
- secunia.com/advisories/43955nvd
- www.mandriva.com/security/advisoriesnvd
- www.redhat.com/support/errata/RHSA-2011-0407.htmlnvd
- www.vupen.com/english/advisories/2011/0872nvd
- www.vupen.com/english/advisories/2011/0961nvd
News mentions
0No linked articles in our index yet.