VYPR

deepin-clone

by Deepin Clone

CVEs (1)

  • CVE-2019-13229MedJul 4, 2019
    risk 0.00cvss 5.5epss 0.00

    deepin-clone before 1.1.3 uses a fixed path /tmp/partclone.log in the Helper::getPartitionSizeInfo() function to write a log file as root, and follows symlinks there. An unprivileged user can prepare a symlink attack there to create or overwrite files in arbitrary file system…