Headline
CVE-2013-4235: CVE-2013-4235
shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees
Name
CVE-2013-4235
Description
shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees
Source
CVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub advisories/code/issues, web search, more)
Debian Bugs
778950
Vulnerable and fixed packages
The table below lists information on source packages.
Source Package
Release
Version
Status
shadow (PTS)
buster
1:4.5-1.1
vulnerable
bullseye
1:4.8.1-1
vulnerable
bookworm, sid
1:4.13+dfsg1-1
fixed
The information below is based on the following data on fixed versions.
Package
Type
Release
Fixed Version
Urgency
Origin
Debian Bugs
shadow
source
(unstable)
1:4.12.3+dfsg1-1
unimportant
778950
Notes
https://github.com/shadow-maint/shadow/issues/317
https://github.com/shadow-maint/shadow/pull/545
Fixed by: https://github.com/shadow-maint/shadow/commit/e9ae247cb14f977d8881f481488843b10665dba8 (4.12.2)
Fixed by: https://github.com/shadow-maint/shadow/commit/f6f8bcd2a57c06983296485cc028ebdf467ebfd7 (4.12.2)
Fixed by: https://github.com/shadow-maint/shadow/commit/dab764d0195fc16d1d39330eee8a33e8917826d8 (4.12.2)
Fixed by: https://github.com/shadow-maint/shadow/commit/1d281273b149f2bb992d893d8ca9ffffddc95cc8 (4.12.2)
Fixed by: https://github.com/shadow-maint/shadow/commit/f606314f0c22fb5d13e5af17a70860d57559e808 (4.12.2)
Fixed by: https://github.com/shadow-maint/shadow/commit/6cbec2d0aa29d6d25e9eed007ded4e79eb637519 (4.12.2)
Fixed by: https://github.com/shadow-maint/shadow/commit/faeab50e710131816b261de66141524898c2c487 (4.12.2)
Regression fix: https://github.com/shadow-maint/shadow/commit/f3bdb28e57e5e38c1e89347976c7d61a181eec32 (4.13)
Regression fix: https://github.com/shadow-maint/shadow/commit/10cd68e0f04b48363eb32d2c6e168b358fb27810 (4.13)
Regression fix: https://github.com/shadow-maint/shadow/commit/cde221b8587193f9dc300c0799a530e846c75961 (4.13)
Related news
Hello everyone! Great news for my open source Scanvus project! You can now perform vulnerability checks on Linux hosts and docker images not only using the Vulners.com API, but also with the Vulns.io VM API. It’s especially nice that all the code to support the new API was written and contributed by colleagues from Vulns.io. […]
Ubuntu Security Notice 5745-1 - Florian Weimer discovered that shadow was not properly copying and removing user directory trees, which could lead to a race condition. A local attacker could possibly use this issue to setup a symlink attack and alter or remove directories without authorization.