Unrated severityNVD Advisory· Published Aug 7, 2012· Updated Jun 16, 2026
CVE-2012-3386
CVE-2012-3386
Description
The "make distcheck" rule in GNU Automake before 1.11.6 and 1.12.x before 1.12.2 grants world-writable permissions to the extraction directory, which introduces a race condition that allows local users to execute arbitrary code via unspecified vectors.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
54cpe:2.3:a:gnu:automake:*:*:*:*:*:*:*:*+ 50 more
- cpe:2.3:a:gnu:automake:*:*:*:*:*:*:*:*range: <=1.11.5
- cpe:2.3:a:gnu:automake:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:automake:1.10:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:automake:1.10.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:automake:1.10.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:automake:1.10.2:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:automake:1.10.3:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:automake:1.11.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:automake:1.11.2:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:automake:1.11.3:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:automake:1.11.4:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:automake:1.12:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:automake:1.12.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:automake:1.2:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:automake:1.3:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:automake:1.4:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:automake:1.4:p1:*:*:*:*:*:*
- cpe:2.3:a:gnu:automake:1.4:p2:*:*:*:*:*:*
- cpe:2.3:a:gnu:automake:1.4:p3:*:*:*:*:*:*
- cpe:2.3:a:gnu:automake:1.4:p4:*:*:*:*:*:*
- cpe:2.3:a:gnu:automake:1.4:p5:*:*:*:*:*:*
- cpe:2.3:a:gnu:automake:1.4:p6:*:*:*:*:*:*
- cpe:2.3:a:gnu:automake:1.5:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:automake:1.6:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:automake:1.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:automake:1.6.2:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:automake:1.6.3:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:automake:1.7:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:automake:1.7.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:automake:1.7.2:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:automake:1.7.3:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:automake:1.7.4:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:automake:1.7.5:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:automake:1.7.6:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:automake:1.7.7:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:automake:1.7.8:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:automake:1.7.9:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:automake:1.8:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:automake:1.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:automake:1.8.2:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:automake:1.8.3:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:automake:1.8.4:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:automake:1.8.5:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:automake:1.9:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:automake:1.9.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:automake:1.9.2:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:automake:1.9.3:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:automake:1.9.4:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:automake:1.9.5:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:automake:1.9.6:*:*:*:*:*:*:*
- (no CPE)range: <=1.12.1 (1.12.x before 1.12.2) and <=1.11.5 (before 1.11.6)
- osv-coords3 versionspkg:rpm/opensuse/gv&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/wdiff&distro=openSUSE%20Leap%2015.4pkg:rpm/suse/wdiff&distro=SUSE%20Package%20Hub%2015%20SP4
< 1.2.2-5.5+ 2 more
- (no CPE)range: < 1.2.2-5.5
- (no CPE)range: < 1.2.2-bp154.2.1
- (no CPE)range: < 1.2.2-bp154.2.1
Patches
Vulnerability mechanics
References
10- lists.gnu.org/archive/html/automake/2012-07/msg00021.htmlnvdPatch
- lists.gnu.org/archive/html/automake/2012-07/msg00022.htmlnvdPatch
- lists.gnu.org/archive/html/automake/2012-07/msg00023.htmlnvdPatch
- git.savannah.gnu.org/cgit/automake.git/commit/nvdExploitPatch
- lists.fedoraproject.org/pipermail/package-announce/2012-October/089187.htmlnvd
- lists.fedoraproject.org/pipermail/package-announce/2012-September/087538.htmlnvd
- lists.fedoraproject.org/pipermail/package-announce/2012-September/087665.htmlnvd
- lists.opensuse.org/opensuse-updates/2012-11/msg00038.htmlnvd
- rhn.redhat.com/errata/RHSA-2013-0526.htmlnvd
- www.mandriva.com/security/advisoriesnvd
News mentions
0No linked articles in our index yet.