vulnerability
CentOS Linux: CVE-2019-12449: Moderate: GNOME security, bug fix, and enhancement update (CESA-2020:1766)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:M/Au:S/C:P/I:N/A:N) | May 29, 2019 | Apr 29, 2020 | May 25, 2023 |
Severity
4
CVSS
(AV:N/AC:M/Au:S/C:P/I:N/A:N)
Published
May 29, 2019
Added
Apr 29, 2020
Modified
May 25, 2023
Description
An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gvfsbackendadmin.c mishandles a file's user and group ownership during move (and copy with G_FILE_COPY_ALL_METADATA) operations from admin:// to file:// URIs, because root privileges are unavailable.
Solution(s)
centos-upgrade-accountsservicecentos-upgrade-accountsservice-debuginfocentos-upgrade-accountsservice-debugsourcecentos-upgrade-accountsservice-libscentos-upgrade-accountsservice-libs-debuginfocentos-upgrade-appstream-datacentos-upgrade-baobabcentos-upgrade-baobab-debuginfocentos-upgrade-baobab-debugsourcecentos-upgrade-cluttercentos-upgrade-clutter-debuginfocentos-upgrade-clutter-debugsourcecentos-upgrade-clutter-tests-debuginfocentos-upgrade-evincecentos-upgrade-evince-browser-plugincentos-upgrade-evince-browser-plugin-debuginfocentos-upgrade-evince-debuginfocentos-upgrade-evince-debugsourcecentos-upgrade-evince-libscentos-upgrade-evince-libs-debuginfocentos-upgrade-evince-nautiluscentos-upgrade-evince-nautilus-debuginfocentos-upgrade-gdmcentos-upgrade-gdm-debuginfocentos-upgrade-gdm-debugsourcecentos-upgrade-gjscentos-upgrade-gjs-debuginfocentos-upgrade-gjs-debugsourcecentos-upgrade-gjs-tests-debuginfocentos-upgrade-gnome-boxescentos-upgrade-gnome-boxes-debuginfocentos-upgrade-gnome-boxes-debugsourcecentos-upgrade-gnome-control-centercentos-upgrade-gnome-control-center-debuginfocentos-upgrade-gnome-control-center-debugsourcecentos-upgrade-gnome-control-center-filesystemcentos-upgrade-gnome-menuscentos-upgrade-gnome-menus-debuginfocentos-upgrade-gnome-menus-debugsourcecentos-upgrade-gnome-online-accountscentos-upgrade-gnome-online-accounts-debuginfocentos-upgrade-gnome-online-accounts-debugsourcecentos-upgrade-gnome-online-accounts-develcentos-upgrade-gnome-remote-desktopcentos-upgrade-gnome-remote-desktop-debuginfocentos-upgrade-gnome-remote-desktop-debugsourcecentos-upgrade-gnome-sessioncentos-upgrade-gnome-session-debuginfocentos-upgrade-gnome-session-debugsourcecentos-upgrade-gnome-session-wayland-sessioncentos-upgrade-gnome-session-xsessioncentos-upgrade-gnome-settings-daemoncentos-upgrade-gnome-settings-daemon-debuginfocentos-upgrade-gnome-settings-daemon-debugsourcecentos-upgrade-gnome-shellcentos-upgrade-gnome-shell-debuginfocentos-upgrade-gnome-shell-debugsourcecentos-upgrade-gnome-softwarecentos-upgrade-gnome-software-debuginfocentos-upgrade-gnome-software-debugsourcecentos-upgrade-gnome-software-editorcentos-upgrade-gnome-software-editor-debuginfocentos-upgrade-gnome-terminalcentos-upgrade-gnome-terminal-debuginfocentos-upgrade-gnome-terminal-debugsourcecentos-upgrade-gnome-terminal-nautiluscentos-upgrade-gnome-terminal-nautilus-debuginfocentos-upgrade-gnome-tweakscentos-upgrade-gsettings-desktop-schemascentos-upgrade-gsettings-desktop-schemas-develcentos-upgrade-gtk-update-icon-cachecentos-upgrade-gtk-update-icon-cache-debuginfocentos-upgrade-gtk3centos-upgrade-gtk3-debuginfocentos-upgrade-gtk3-debugsourcecentos-upgrade-gtk3-develcentos-upgrade-gtk3-devel-debuginfocentos-upgrade-gtk3-immodule-ximcentos-upgrade-gtk3-immodule-xim-debuginfocentos-upgrade-gtk3-immodules-debuginfocentos-upgrade-gtk3-tests-debuginfocentos-upgrade-gvfscentos-upgrade-gvfs-afccentos-upgrade-gvfs-afc-debuginfocentos-upgrade-gvfs-afpcentos-upgrade-gvfs-afp-debuginfocentos-upgrade-gvfs-archivecentos-upgrade-gvfs-archive-debuginfocentos-upgrade-gvfs-clientcentos-upgrade-gvfs-client-debuginfocentos-upgrade-gvfs-debuginfocentos-upgrade-gvfs-debugsourcecentos-upgrade-gvfs-develcentos-upgrade-gvfs-fusecentos-upgrade-gvfs-fuse-debuginfocentos-upgrade-gvfs-goacentos-upgrade-gvfs-goa-debuginfocentos-upgrade-gvfs-gphoto2centos-upgrade-gvfs-gphoto2-debuginfocentos-upgrade-gvfs-mtpcentos-upgrade-gvfs-mtp-debuginfocentos-upgrade-gvfs-smbcentos-upgrade-gvfs-smb-debuginfocentos-upgrade-librawcentos-upgrade-libraw-debuginfocentos-upgrade-libraw-debugsourcecentos-upgrade-libraw-samples-debuginfocentos-upgrade-libvncservercentos-upgrade-libvncserver-debuginfocentos-upgrade-libvncserver-debugsourcecentos-upgrade-libxsltcentos-upgrade-libxslt-debuginfocentos-upgrade-libxslt-debugsourcecentos-upgrade-libxslt-develcentos-upgrade-mozjs52centos-upgrade-mozjs52-debuginfocentos-upgrade-mozjs52-debugsourcecentos-upgrade-mozjs52-devel-debuginfocentos-upgrade-mozjs60centos-upgrade-mozjs60-debuginfocentos-upgrade-mozjs60-debugsourcecentos-upgrade-muttercentos-upgrade-mutter-debuginfocentos-upgrade-mutter-debugsourcecentos-upgrade-mutter-tests-debuginfocentos-upgrade-nautiluscentos-upgrade-nautilus-debuginfocentos-upgrade-nautilus-debugsourcecentos-upgrade-nautilus-extensionscentos-upgrade-nautilus-extensions-debuginfocentos-upgrade-vinagrecentos-upgrade-vinagre-debuginfocentos-upgrade-vinagre-debugsource
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.