Mageia: 2021-0322 Moderate: Zstandard Permissions Issue (CVE-2021-24031)

mageia

July 8, 2021

In the Zstandard command-line utility prior to v1.4.1, output files were created with default permissions

Summary

In the Zstandard command-line utility prior to v1.4.1, output files were created with default permissions. Correct file permissions (matching the input) would only be set at completion time. Output files could therefore be readable or writable to unintended parties (CVE-2021-24031).

References

- https://bugs.mageia.org/show_bug.cgi?id=28444

- https://ubuntu.com/security/notices/USN-4760-1

- https://www.cve.org/CVERecord?id=CVE-2021-24031

Topics Covered

security advisory moderate severity permissions issue file access Mageia command-line utility

Resolution

SRPMS

- 7/core/zstd-1.4.0-1.1.mga7

Publication date: 09 Jul 2021

URL: https://advisories.mageia.org/MGASA-2021-0322.html

Type: security

CVE: CVE-2021-24031

Topics Covered

security advisory moderate severity permissions issue file access Mageia command-line utility

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Mageia: 2021-0322 Moderate: Zstandard Permissions Issue (CVE-2021-24031)

Summary

References

Topics Covered

Resolution

SRPMS

Topics Covered

Get the latest News and Insights

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Mageia: 2021-0322 Moderate: Zstandard Permissions Issue (CVE-2021-24031)

Summary

References

Topics Covered

Resolution

SRPMS

Topics Covered

Get the latest News and Insights

Related Articles

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!