{ "threat_severity" : "Moderate", "public_date" : "2019-05-29T00:00:00Z", "bugzilla" : { "description" : "gvfs: race condition in daemon/gvfsbackendadmin.c due to admin backend not implementing query_info_on_read/write", "id" : "1728564", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1728564" }, "cvss3" : { "cvss3_base_score" : "6.4", "cvss3_scoring_vector" : "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N", "status" : "verified" }, "cwe" : "CWE-364", "details" : [ "An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gvfsbackendadmin.c has race conditions because the admin backend doesn't implement query_info_on_read/write." ], "affected_release" : [ { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-04-28T00:00:00Z", "advisory" : "RHSA-2020:1766", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "accountsservice-0:0.6.50-8.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-04-28T00:00:00Z", "advisory" : "RHSA-2020:1766", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "appstream-data-0:8-20191129.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-04-28T00:00:00Z", "advisory" : "RHSA-2020:1766", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "baobab-0:3.28.0-4.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-04-28T00:00:00Z", "advisory" : "RHSA-2020:1766", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "clutter-0:1.26.2-8.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-04-28T00:00:00Z", "advisory" : "RHSA-2020:1766", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "evince-0:3.28.4-4.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-04-28T00:00:00Z", "advisory" : "RHSA-2020:1766", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "gdm-1:3.28.3-29.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-04-28T00:00:00Z", "advisory" : "RHSA-2020:1766", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "gjs-0:1.56.2-4.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-04-28T00:00:00Z", "advisory" : "RHSA-2020:1766", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "gnome-boxes-0:3.28.5-8.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-04-28T00:00:00Z", "advisory" : "RHSA-2020:1766", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "gnome-control-center-0:3.28.2-19.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-04-28T00:00:00Z", "advisory" : "RHSA-2020:1766", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "gnome-menus-0:3.13.3-11.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-04-28T00:00:00Z", "advisory" : "RHSA-2020:1766", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "gnome-online-accounts-0:3.28.2-1.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-04-28T00:00:00Z", "advisory" : "RHSA-2020:1766", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "gnome-remote-desktop-0:0.1.6-8.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-04-28T00:00:00Z", "advisory" : "RHSA-2020:1766", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "gnome-session-0:3.28.1-8.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-04-28T00:00:00Z", "advisory" : "RHSA-2020:1766", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "gnome-settings-daemon-0:3.32.0-9.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-04-28T00:00:00Z", "advisory" : "RHSA-2020:1766", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "gnome-shell-0:3.32.2-14.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-04-28T00:00:00Z", "advisory" : "RHSA-2020:1766", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "gnome-software-0:3.30.6-3.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-04-28T00:00:00Z", "advisory" : "RHSA-2020:1766", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "gnome-terminal-0:3.28.3-1.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-04-28T00:00:00Z", "advisory" : "RHSA-2020:1766", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "gnome-tweaks-0:3.28.1-7.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-04-28T00:00:00Z", "advisory" : "RHSA-2020:1766", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "gsettings-desktop-schemas-0:3.32.0-4.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-04-28T00:00:00Z", "advisory" : "RHSA-2020:1766", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "gtk3-0:3.22.30-5.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-04-28T00:00:00Z", "advisory" : "RHSA-2020:1766", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "gvfs-0:1.36.2-8.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-04-28T00:00:00Z", "advisory" : "RHSA-2020:1766", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "LibRaw-0:0.19.5-1.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-04-28T00:00:00Z", "advisory" : "RHSA-2020:1766", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "libvncserver-0:0.9.11-14.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-04-28T00:00:00Z", "advisory" : "RHSA-2020:1766", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "libxslt-0:1.1.32-4.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-04-28T00:00:00Z", "advisory" : "RHSA-2020:1766", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "mozjs52-0:52.9.0-2.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-04-28T00:00:00Z", "advisory" : "RHSA-2020:1766", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "mozjs60-0:60.9.0-4.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-04-28T00:00:00Z", "advisory" : "RHSA-2020:1766", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "mutter-0:3.32.2-34.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-04-28T00:00:00Z", "advisory" : "RHSA-2020:1766", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "nautilus-0:3.28.1-12.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-04-28T00:00:00Z", "advisory" : "RHSA-2020:1766", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "vala-0:0.40.19-1.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-04-28T00:00:00Z", "advisory" : "RHSA-2020:1766", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "vinagre-0:3.22.0-21.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-04-28T00:00:00Z", "advisory" : "RHSA-2020:1766", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "accountsservice-0:0.6.50-8.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-04-28T00:00:00Z", "advisory" : "RHSA-2020:1766", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "appstream-data-0:8-20191129.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-04-28T00:00:00Z", "advisory" : "RHSA-2020:1766", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "baobab-0:3.28.0-4.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-04-28T00:00:00Z", "advisory" : "RHSA-2020:1766", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "clutter-0:1.26.2-8.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-04-28T00:00:00Z", "advisory" : "RHSA-2020:1766", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "evince-0:3.28.4-4.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-04-28T00:00:00Z", "advisory" : "RHSA-2020:1766", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "gdm-1:3.28.3-29.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-04-28T00:00:00Z", "advisory" : "RHSA-2020:1766", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "gjs-0:1.56.2-4.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-04-28T00:00:00Z", "advisory" : "RHSA-2020:1766", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "gnome-boxes-0:3.28.5-8.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-04-28T00:00:00Z", "advisory" : "RHSA-2020:1766", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "gnome-control-center-0:3.28.2-19.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-04-28T00:00:00Z", "advisory" : "RHSA-2020:1766", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "gnome-menus-0:3.13.3-11.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-04-28T00:00:00Z", "advisory" : "RHSA-2020:1766", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "gnome-online-accounts-0:3.28.2-1.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-04-28T00:00:00Z", "advisory" : "RHSA-2020:1766", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "gnome-remote-desktop-0:0.1.6-8.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-04-28T00:00:00Z", "advisory" : "RHSA-2020:1766", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "gnome-session-0:3.28.1-8.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-04-28T00:00:00Z", "advisory" : "RHSA-2020:1766", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "gnome-settings-daemon-0:3.32.0-9.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-04-28T00:00:00Z", "advisory" : "RHSA-2020:1766", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "gnome-shell-0:3.32.2-14.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-04-28T00:00:00Z", "advisory" : "RHSA-2020:1766", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "gnome-software-0:3.30.6-3.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-04-28T00:00:00Z", "advisory" : "RHSA-2020:1766", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "gnome-terminal-0:3.28.3-1.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-04-28T00:00:00Z", "advisory" : "RHSA-2020:1766", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "gnome-tweaks-0:3.28.1-7.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-04-28T00:00:00Z", "advisory" : "RHSA-2020:1766", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "gsettings-desktop-schemas-0:3.32.0-4.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-04-28T00:00:00Z", "advisory" : "RHSA-2020:1766", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "gtk3-0:3.22.30-5.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-04-28T00:00:00Z", "advisory" : "RHSA-2020:1766", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "gvfs-0:1.36.2-8.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-04-28T00:00:00Z", "advisory" : "RHSA-2020:1766", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "LibRaw-0:0.19.5-1.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-04-28T00:00:00Z", "advisory" : "RHSA-2020:1766", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "libvncserver-0:0.9.11-14.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-04-28T00:00:00Z", "advisory" : "RHSA-2020:1766", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "libxslt-0:1.1.32-4.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-04-28T00:00:00Z", "advisory" : "RHSA-2020:1766", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "mozjs52-0:52.9.0-2.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-04-28T00:00:00Z", "advisory" : "RHSA-2020:1766", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "mozjs60-0:60.9.0-4.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-04-28T00:00:00Z", "advisory" : "RHSA-2020:1766", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "mutter-0:3.32.2-34.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-04-28T00:00:00Z", "advisory" : "RHSA-2020:1766", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "nautilus-0:3.28.1-12.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-04-28T00:00:00Z", "advisory" : "RHSA-2020:1766", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "vala-0:0.40.19-1.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-04-28T00:00:00Z", "advisory" : "RHSA-2020:1766", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "vinagre-0:3.22.0-21.el8" } ], "package_state" : [ { "product_name" : "Red Hat Enterprise Linux 6", "fix_state" : "Not affected", "package_name" : "gvfs", "cpe" : "cpe:/o:redhat:enterprise_linux:6" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Will not fix", "package_name" : "gvfs", "cpe" : "cpe:/o:redhat:enterprise_linux:7" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2019-12448\nhttps://nvd.nist.gov/vuln/detail/CVE-2019-12448" ], "name" : "CVE-2019-12448", "csaw" : false }