The MITRE CVE dictionary describes this issue as:
Race condition in gzip 1.2.4, 1.3.3, and earlier, when decompressing a gzipped file, allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by gzip after the decompression is complete.
Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.
Red Hat security errata
|Red Hat Enterprise Linux version 2.1 (gzip)||RHSA-2005:357||June 13, 2005|
|Red Hat Enterprise Linux version 3 (gzip)||RHSA-2005:357||June 13, 2005|
|Red Hat Enterprise Linux version 4 (gzip)||RHSA-2005:357||June 13, 2005|
This page is generated automatically and has not been checked for errors or omissions.
For clarification or corrections please contact the Red Hat Security Response Team.