CVE-2004-0972

Publication date 9 February 2005

Last updated 24 July 2024

Ubuntu priority

The lvmcreate_initrd script in the lvm package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files.

Status

Show unmaintained releases

No maintained releases are affected by this CVE.

Package	Ubuntu Release	Status
lvm10	7.04 feisty	Not in release
	6.10 edgy	Fixed 1.0.8-12
	6.06 LTS dapper	Fixed 1.0.8-12

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-15-1
lvm10 vulnerability
2 November 2004

Other references

https://www.cve.org/CVERecord?id=CVE-2004-0972