1048678 – (CVE-2014-0027) CVE-2014-0027 flite: insecure temporary file use

Bug 1048678 (CVE-2014-0027) - CVE-2014-0027 flite: insecure temporary file use

Summary: CVE-2014-0027 flite: insecure temporary file use

Keywords:
Status:	CLOSED NOTABUG
Alias:	CVE-2014-0027
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	1050995 1050997 1050998
Blocks:	1023438 1048682
TreeView+	depends on / blocked

Reported:	2014-01-06 05:45 UTC by Murray McAllister
Modified:	2023-05-12 01:49 UTC (History)
CC List:	6 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2014-01-10 03:08:48 UTC
Embargoed:

Attachments	(Terms of Use)
proposed patch (1.38 KB, patch) 2014-01-06 14:24 UTC, Rui Matos	no flags	Details \| Diff
View All

Description Murray McAllister 2014-01-06 05:45:19 UTC

It was found that flite, a speech synthesis engine (text-to-speech), insecurely used a temporary file. A local attacker could use this flaw to perform a symbolic link attack to modify an arbitrary file accessible to the user running flite, or possibly obtain sensitive information as the temporary file may contain text-to-speech output (screen contents).

Acknowledgements:

This issue was discovered by Florian Weimer of the Red Hat Product Security Team.

Comment 6 Rui Matos 2014-01-06 14:24:51 UTC

Created attachment 846118 [details]
proposed patch

Comment 11 Murray McAllister 2014-01-09 13:57:27 UTC

Created flite tracking bugs for this issue:

Affects: fedora-all [bug 1050997]
Affects: epel-all [bug 1050998]

Comment 12 Huzaifa S. Sidhpurwala 2014-01-10 03:08:48 UTC

This issue affects the version of flite package as shipped with Fedora 19 and Fedora 20.

This issue affects the version of flite package as shipped with epel-5 and epel-6.

Comment 13 Fedora Update System 2014-02-05 03:38:35 UTC

flite-1.3-20.fc19 has been pushed to the Fedora 19 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 14 Fedora Update System 2014-02-05 03:43:23 UTC

flite-1.3-21.fc20 has been pushed to the Fedora 20 stable repository.  If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.