The MITRE CVE dictionary describes this issue as:
Race condition in bzip2 1.0.2 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by bzip2 after the decompression is complete.
Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.
Red Hat security errata
|Red Hat Enterprise Linux version 2.1 (bzip2)||RHSA-2005:474||June 16, 2005|
|Red Hat Enterprise Linux version 3 (bzip2)||RHSA-2005:474||June 16, 2005|
|Red Hat Enterprise Linux version 4 (bzip2)||RHSA-2005:474||June 16, 2005|
This page is generated automatically and has not been checked for errors or omissions.
For clarification or corrections please contact the Red Hat Security Response Team.