Security
Security
An insecure temporary file usage has been reported in the C* music player, allowing for symlink attacks.
| Package | media-sound/cmus on all architectures |
|---|---|
| Affected versions | < 2.2.0-r1 |
| Unaffected versions | >= 2.2.0-r1 |
The C* Music Player (cmus) is a modular and very configurable ncurses-based audio player.
Dmitry E. Oboukhov reported that cmus-status-display does not handle the "/tmp/cmus-status" temporary file securely.
A local attacker could perform symlink attacks to overwrite arbitrary files with the privileges of the user running the application.
There is no known workaround at this time.
All C* music player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=media-sound/cmus-2.2.0-r1"
Release date
September 09, 2009
Latest revision
September 09, 2009: 01
Severity
normal
Exploitable
local
Bugzilla entries