Date: Fri, 1 Jul 2016 19:46:27 +0200
From: Andreas Stieger <>
Subject: SQLite Tempdir Selection Vulnerability

Posted on FD:
> KL-001-2016-003 : SQLite Tempdir Selection Vulnerability
> Title: SQLite Tempdir Selection Vulnerability
> Advisory ID: KL-001-2016-003
> Publication Date: 2016.07.01
> Publication URL:
> 1. Vulnerability Details
>      Affected Vendor: SQLite/Hwaci
>      Affected Product: SQLite
>      Affected Version: All versions prior to 3.13.0
>      Platform: UNIX, GNU/Linux
>      CWE Classification: CWE-379: Creation of Temporary File in Directory
>                          with Incorrect Permissions
>      Impact: Data Leakage
>      Attack vector: Local

Release notes say:
> Change the temporary directory search algorithm
> <> on Unix to allow
> directories with write and execute permission, but without read
> permission, to serve as temporary directories. Apply this same
> standard to the "." fallback directory. 

The covering commits seem to be:
Change the temporary directory search algorithm on unix so that directories with only -wx permission are allowed. And do not allow "." to be returned if it lacks -wx permission.
Fix the fix to the temporary directory search algorithm so that it continues to return "." as a fallback if that directory has the correct permissions.
Fix the temporary directory search algorithm for unix so that it fails gracefully even if all candidate directories are inaccessible. This fixes a bug that was introduced by check-in [9b8fec60d8e].

Can a CVE please be assigned for this issue?


Andreas Stieger <>
Project Manager Security
SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Graham Norton,
HRB 21284 (AG Nürnberg)
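The three commit messages quoted above describe a small algorithm: walk a list of candidate temporary directories, accept one that is writable and searchable (-wx) even if it is not readable, apply the same test to the "." fallback, and fail gracefully rather than return an unusable path when nothing qualifies. The C program below is an added illustration of that selection logic, written for this post; it is not SQLite's own code. The candidate list, the function names (`dir_is_wx`, `pick_temp_dir`, `demo_wx_only_dir`) and the scratch path it creates under /tmp are this example's own assumptions.

```c
/* Added example, not SQLite code: temporary-directory selection in the
 * spirit of the fix described in the commit messages above.
 * A candidate qualifies only if it is a directory the calling process
 * can write to and search (-wx); the read bit is deliberately not
 * required. "." is a fallback only under the same test, and the search
 * returns NULL instead of an unusable path when nothing qualifies. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Return 1 if path names a directory the caller may write and search. */
int dir_is_wx(const char *path) {
    struct stat st;
    if (path == NULL || *path == '\0') return 0;
    if (stat(path, &st) != 0) return 0;          /* missing or unreachable */
    if (!S_ISDIR(st.st_mode)) return 0;          /* a file is never a tempdir */
    /* W_OK|X_OK: writable and searchable; R_OK is intentionally absent. */
    return access(path, W_OK | X_OK) == 0;
}

/* First usable entry of candidates[0..n), then "." under the same test,
 * then NULL. NULL entries (e.g. an unset environment variable) are skipped. */
const char *pick_temp_dir(const char *const *candidates, size_t n) {
    for (size_t i = 0; i < n; i++) {
        if (dir_is_wx(candidates[i])) return candidates[i];
    }
    return dir_is_wx(".") ? "." : NULL;
}

/* Demonstrates the case the fix added: a directory with mode 0300
 * (owner -wx, no read bit) must be accepted. Creates a constructed
 * scratch directory, tests it, restores the mode and removes it.
 * Returns 1 if the -wx-only directory was accepted, 0 if rejected,
 * -1 if no scratch directory could be created. */
int demo_wx_only_dir(void) {
    const char *bases[] = { "/tmp", "." };   /* constructed scratch locations */
    char path[256];
    for (size_t b = 0; b < sizeof bases / sizeof bases[0]; b++) {
        snprintf(path, sizeof path, "%s/wxonly-example-%ld",
                 bases[b], (long)getpid());
        if (mkdir(path, 0300) != 0) continue;
        if (chmod(path, 0300) != 0) { rmdir(path); continue; }
        int ok = dir_is_wx(path);
        chmod(path, 0700);                    /* restore before cleanup */
        rmdir(path);
        return ok;
    }
    return -1;
}

int main(void) {
    /* Example candidate order; the environment variable may be unset. */
    const char *cands[] = { getenv("TMPDIR"), "/var/tmp", "/usr/tmp", "/tmp" };
    const char *chosen = pick_temp_dir(cands, sizeof cands / sizeof cands[0]);
    printf("selected tempdir: %s\n", chosen ? chosen : "(none usable)");
    printf("-wx-only directory accepted: %d\n", demo_wx_only_dir());
    return 0;
}
```

The two properties worth checking in a review of any such routine are visible here: a directory is accepted on `W_OK | X_OK` alone, so a `0300` directory qualifies, and an empty candidate list does not silently fall through to "." unless "." itself passes the same test.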
