CVE-2014-1624 - Vulnerability Details - OpenCVE

Race condition in the xdg.BaseDirectory.get_runtime_dir function in python-xdg 0.25 allows local users to overwrite arbitrary files by pre-creating /tmp/pyxdg-runtime-dir-fallback-victim to point to a victim-owned location, then replacing it with a symlink to an attacker-controlled location once the get_runtime_dir function is called.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

The EPSS score is 0.00055.

Key SSVC decision points have not yet been added.

Vendors	Products
Python	Pyxdg

Configuration 1 [-]

cpe:2.3:a:python:pyxdg:0.25:*:*:*:*:*:*:*

No data.

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2014-0096	Race condition in the xdg.BaseDirectory.get_runtime_dir function in python-xdg 0.25 allows local users to overwrite arbitrary files by pre-creating /tmp/pyxdg-runtime-dir-fallback-victim to point to a victim-owned location, then replacing it with a symlink to an attacker-controlled location once the get_runtime_dir function is called.
Github GHSA	GHSA-7372-q459-jxhr	pyxdg Arbitrary File Overwrite via Race Condition

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=736247
http://www.openwall.com/lists/oss-security/2014/01/21/3
http://www.openwall.com/lists/oss-security/2014/01/21/4
http://www.securityfocus.com/bid/65042
https://exchange.xforce.ibmcloud.com/vulnerabilities/90618
https://nvd.nist.gov/vuln/detail/CVE-2014-1624
https://www.cve.org/CVERecord?id=CVE-2014-1624

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2014-01-28T00:00:00

Updated: 2024-08-06T09:50:09.591Z

Reserved: 2014-01-21T00:00:00

Link: CVE-2014-1624

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2014-01-28T00:55:04.083

Modified: 2025-04-11T00:51:21.963

Link: CVE-2014-1624

Redhat

Severity : Moderate

Publid Date: 2014-01-21T00:00:00Z

Links: CVE-2014-1624 - Bugzilla

OpenCVE Enrichment

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2014-01-21T00:00:00", "descriptions": [{"lang": "en", "value": "Race condition in the xdg.BaseDirectory.get_runtime_dir function in python-xdg 0.25 allows local users to overwrite arbitrary files by pre-creating /tmp/pyxdg-runtime-dir-fallback-victim to point to a victim-owned location, then replacing it with a symlink to an attacker-controlled location once the get_runtime_dir function is called."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-28T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "[oss-security] 20140121 Re: Fwd: [Python-modules-team] Bug#736247: python-xdg: get_runtime_dir(strict=False): insecure use of /tmp", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2014/01/21/4"}, {"tags": ["x_refsource_MISC"], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=736247"}, {"name": "pythonxdg-cve20141624-symlink(90618)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90618"}, {"name": "65042", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/65042"}, {"name": "[oss-security] 20140121 Fwd: [Python-modules-team] Bug#736247: python-xdg: get_runtime_dir(strict=False): insecure use of /tmp", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2014/01/21/3"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-1624", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Race condition in the xdg.BaseDirectory.get_runtime_dir function in python-xdg 0.25 allows local users to overwrite arbitrary files by pre-creating /tmp/pyxdg-runtime-dir-fallback-victim to point to a victim-owned location, then replacing it with a symlink to an attacker-controlled location once the get_runtime_dir function is called."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "[oss-security] 20140121 Re: Fwd: [Python-modules-team] Bug#736247: python-xdg: get_runtime_dir(strict=False): insecure use of /tmp", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2014/01/21/4"}, {"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=736247", "refsource": "MISC", "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=736247"}, {"name": "pythonxdg-cve20141624-symlink(90618)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90618"}, {"name": "65042", "refsource": "BID", "url": "http://www.securityfocus.com/bid/65042"}, {"name": "[oss-security] 20140121 Fwd: [Python-modules-team] Bug#736247: python-xdg: get_runtime_dir(strict=False): insecure use of /tmp", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2014/01/21/3"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T09:50:09.591Z"}, "title": "CVE Program Container", "references": [{"name": "[oss-security] 20140121 Re: Fwd: [Python-modules-team] Bug#736247: python-xdg: get_runtime_dir(strict=False): insecure use of /tmp", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2014/01/21/4"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=736247"}, {"name": "pythonxdg-cve20141624-symlink(90618)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90618"}, {"name": "65042", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/65042"}, {"name": "[oss-security] 20140121 Fwd: [Python-modules-team] Bug#736247: python-xdg: get_runtime_dir(strict=False): insecure use of /tmp", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2014/01/21/3"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-1624", "datePublished": "2014-01-28T00:00:00", "dateReserved": "2014-01-21T00:00:00", "dateUpdated": "2024-08-06T09:50:09.591Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:python:pyxdg:0.25:*:*:*:*:*:*:*", "matchCriteriaId": "C1A9B8AF-17C0-4B47-A6D4-5C8A25EC5982", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Race condition in the xdg.BaseDirectory.get_runtime_dir function in python-xdg 0.25 allows local users to overwrite arbitrary files by pre-creating /tmp/pyxdg-runtime-dir-fallback-victim to point to a victim-owned location, then replacing it with a symlink to an attacker-controlled location once the get_runtime_dir function is called."}, {"lang": "es", "value": "Condici\u00f3n de carrera en la funci\u00f3n xdg.BaseDirectory.get_runtime_dir en python-xdg 0.25 permite a usuarios locales sobreescribir archivos arbitrarios mediante la pre-creaci\u00f3n /tmp/pyxdg-runtime-dir-fallback-victim para apuntar a una localizaci\u00f3n victim-owned, despu\u00e9s reemplaz\u00e1ndolo con un symlink hacia una localizaci\u00f3n controlada por el atacante una vez es llamada la funci\u00f3n get_runtime_dir."}], "id": "CVE-2014-1624", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 3.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2014-01-28T00:55:04.083", "references": [{"source": "cve@mitre.org", "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=736247"}, {"source": "cve@mitre.org", "url": "http://www.openwall.com/lists/oss-security/2014/01/21/3"}, {"source": "cve@mitre.org", "url": "http://www.openwall.com/lists/oss-security/2014/01/21/4"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/65042"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90618"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=736247"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2014/01/21/3"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2014/01/21/4"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/65042"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90618"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-59"}], "source": "nvd@nist.gov", "type": "Primary"}]}