PublicDateAtUSN: 2011-10-29
Candidate: CVE-2011-4089
PublicDate: 2014-04-16 18:37:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4089
 https://ubuntu.com/security/notices/USN-1308-1
Description:
 The bzexe command in bzip2 1.0.5 and earlier generates compressed
 executables that do not properly handle temporary files during extraction,
 which allows local users to execute arbitrary code by precreating a
 temporary directory.
Ubuntu-Description:
Notes:
 tyhicks> I don't believe that YAMA prevents this vulnerability.
 tyhicks> It is not yet clear what versions are affected.
 mdeslaur> PoC: http://www.exploit-db.com/exploits/18147/
 mdeslaur> PoC: http://pastebin.com/FaaEsXRW
Bugs:
 http://bugs.debian.org/632862
Priority: medium
Discovered-by: vladz
Assigned-to: tyhicks
CVSS:

Patches_bzip2:
 vendor: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=632862#5
upstream_bzip2: released (1.0.6-1)
hardy_bzip2: released (1.0.4-2ubuntu4.2)
lucid_bzip2: released (1.0.5-4ubuntu0.2)
maverick_bzip2: released (1.0.5-4ubuntu1.1)
natty_bzip2: released (1.0.5-6ubuntu1.11.04.1)
oneiric_bzip2: released (1.0.5-6ubuntu1.11.10.1)
devel_bzip2: released (1.0.6-1)