
Bug 576134

Summary: app-emulation/wine: Insecure use of temp files with predictable names
Product: Gentoo Security
Reporter: Agostino Sarubbo <ago>
Component: Vulnerabilities
Assignee: Gentoo Security <security>
Status: IN_PROGRESS ---
Severity: minor
CC: jre.winesim, ovi, wine, wizardedit
Priority: Normal
Version: unspecified
Hardware: All
OS: Linux
URL: https://bugzilla.redhat.com/show_bug.cgi?id=1312958
See Also: https://bugs.winehq.org/show_bug.cgi?id=39013
Whiteboard: B4 [upstream]
Package list:
Runtime testing required: ---

Description Agostino Sarubbo gentoo-dev 2016-03-01 17:31:35 UTC
From ${URL} :

It was reported that wine uses /tmp/.wine-$UID as a directory for sockets and lock files. A malicious local user could create /tmp/.wine-$UID for another user's uid, preventing the other user from using wine. Moreover, the server_connect() function doesn't check if /tmp/.wine-$UID or its subdirectories are symlinks, so in some circumstances it might be possible to trick wine into connecting to an unrelated socket.

Debian bug report:

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=816034
@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
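The kind of check the report says is missing, as an added example that is not wine's own code: before trusting a per-user directory such as /tmp/.wine-$UID, open it without following a symlink and verify on the opened inode that it is owned by the current uid and is mode 0700. Function names and the directory layout are assumptions for illustration.

```c
/* Added example, not wine's code: validate a per-user socket/lock directory
 * like /tmp/.wine-$UID before use. Returns 0 if safe, -1 (with errno) if not. */
#ifndef _GNU_SOURCE
#define _GNU_SOURCE
#endif
#include <sys/stat.h>
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

/* Open without following a final symlink, then inspect the opened inode
 * rather than the path, so nothing can be swapped in between check and use. */
int check_server_dir(const char *path)
{
    struct stat st;
    int fd = open(path, O_RDONLY | O_DIRECTORY | O_NOFOLLOW | O_CLOEXEC);
    if (fd < 0)
        return -1;                        /* missing, a symlink (ELOOP) or not a directory */
    if (fstat(fd, &st) < 0) {
        close(fd);
        return -1;
    }
    close(fd);
    if (st.st_uid != getuid())             { errno = EPERM; return -1; } /* squatted by another uid */
    if (st.st_mode & (S_IRWXG | S_IRWXO))  { errno = EPERM; return -1; } /* must be mode 0700 */
    return 0;
}

/* Create the directory if absent, but never reuse one that fails the checks. */
int create_server_dir(const char *path)
{
    if (mkdir(path, 0700) < 0 && errno != EEXIST)
        return -1;
    return check_server_dir(path);
}

int main(void)
{
    char path[64];
    snprintf(path, sizeof path, "/tmp/.wine-%u", (unsigned)getuid());
    if (create_server_dir(path) < 0) {
        perror(path);
        return 1;
    }
    printf("%s is owned by uid %u, mode 0700 and not a symlink\n", path, (unsigned)getuid());
    return 0;
}
```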
Comment 1 Adam Feldman gentoo-dev 2016-03-02 01:01:50 UTC
Upstream has a bug that raised the point a while ago, no action.  Bringing it back to their attention noting that at least 3 distros have marked it as a security bug.  Will keep an eye on upstream.
Adding upstream URL.