oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: CVE Request: thermald

From: cve-assign () mitre org
Date: Sat, 8 Mar 2014 22:17:49 -0500 (EST)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


I discovered that the thermald temperature management daemon opens a file
with predictable filename in /tmp unsafely. Please assign a CVE number for
this issue:

https://github.com/01org/thermal_daemon/blob/master/src/android_main.cpp#L117



can be used to write the process's pid to a file of the attacker's
choosing.


Use CVE-2014-2312.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (SunOS)

iQEcBAEBAgAGBQJTG9rOAAoJEKllVAevmvmspGEIAI+W32s9bbR1inTAjNLYepza
+1Kv1d1ZslV2Xlu0uFTF9dXCLJyRG9l8NPNmen1eLrMQfVROfn3mtPFotpXWFxnR
0kAwNnxd33x1UVOjb9qFkn6aYHn6eE4gWCQw3MAcfJCyEtRFkFHEqeze7uCmeVml
QIBfESKvigTTvZ/IcZIYuNIB3t0Vs1FNN8FdvOwPChTMJEg8jBrAoorFuznZWyLh
rZPrAeEqe0h8db0do66+shTXEvWIA6UgRM/ehbC2HWUVs9pWKmXIdtmcVn940gbg
FFT3zsFsWCoxJGhNkDjJyj3uobHnG3AaQ1+d9suWbwb6Pb6Y9MjkWTSKQaMyxXg=
=f1jy
-----END PGP SIGNATURE-----
Previous By Date Next
Previous By Thread Next

Current thread: