CVE-2012-4454 (retired)

openCryptoki before 2.4.1, when using spinlocks, allows local users to
create or set world-writable permissions on arbitrary files via a symlink
attack on the (1) .pkapi_xpk or (2) .pkcs11spinloc file in /tmp.
 mdeslaur> members of the pkcs11 group are considered trusted by upstream
 mdeslaur> and can escalate privileges to root even after the upstream
 mdeslaur> patches. See oss-security discussion.
 mdeslaur> Moving this to /var/lock/opencryptoki makes the problem worse
 mdeslaur> for members of the pkcs11 group as that directory wouldn't be
 mdeslaur> covered by symlink restrictions. Fix shouldn't be applied to
 mdeslaur> natty+
 mdeslaur> Fixing this in lucid would only prevent users who are not in
 mdeslaur> the pkcs11 group from escalating permissions. Since it is likely
 mdeslaur> that local users that have this installed are in that group,
 mdeslaur> this is downgraded to low.
More Information

Updated: 2019-04-26 14:33:06 UTC (commit 30899e40836d26e1bb5f0b072d31fd87b6cf3bd4)