CVE-2013-7171
Description
Slackware 14.0 and 14.1, and Slackware LLVM 3.0-i486-2 and 3.3-i486-2, contain world-writable permissions on the /tmp directory which could allow remote attackers to execute arbitrary code with root privileges.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Slackware/LLVMdescription
Patches
Vulnerability mechanics
Root cause
"The /tmp directory has world-writable permissions."
Attack vector
An attacker could leverage the world-writable permissions on the /tmp directory to execute arbitrary code with root privileges. This is possible because the build process for certain packages, such as LLVM, may use this directory. By placing malicious files or modifying existing ones within /tmp, an attacker could influence the build process and achieve privilege escalation [ref_id=1].
What the fix does
The advisory does not specify the exact changes made to remediate this vulnerability. However, the recommended action is to update the affected packages to versions that do not exhibit this insecure permission setting. The fix would involve changing the permissions of the /tmp directory to prevent unauthorized modifications by unprivileged users [ref_id=1].
Preconditions
- configThe affected system must be running Slackware 14.0 or 14.1, or LLVM 3.0-i486-2 or 3.3-i486-2 [ref_id=1].
- networkThe attacker must have network access to the vulnerable system to exploit the world-writable /tmp directory.
Generated on Jun 3, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
4- www.openwall.com/lists/oss-security/2013/12/20/1mitrex_refsource_MISC
- bugzilla.redhat.com/show_bug.cgimitrex_refsource_MISC
- exchange.xforce.ibmcloud.com/vulnerabilities/89915mitrex_refsource_MISC
- security-tracker.debian.org/tracker/CVE-2013-7171mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.