Red Hat Bugzilla – Bug 209464
CVE-2006-5072 Mono insecure temporary file usage
Last modified: 2007-11-30 17:11:45 EST
This information came from Marcus Meissner of Suse:
Sebastian Krahmer of SUSE audited Mono and found a tempfile
race condition in the Mono Core libraries, found in
The diff (actual there are 2 commits) to fix it are here:
I have only looked at them briefly, but the fix looks OK.
This can be used by a local attacker for instance with help of
System.Xml.Serialization (SerializationCodeGenerator.cs), which
compiles .cs code into .dlls on the fly, to inject code into a
running Mono process.
Patch applies cleanly and looks correct, applied, built, added to fedora package
mono-22.214.171.124-2.fc5.1 has been pushed for fc5, which should resolve this issue. If these problems are still present in this version, then please make note of it in this bug report.