Race condition in (1) checkinstall 1.6.1 and (2) installwatch allows local users to overwrite arbitrary files and have other impacts via symlink and possibly other attacks on temporary working directories.
Threat-Mapped Scoring
Score: 0.0
Priority: Unclassified
EPSS
Score: 0.00051 Percentile:
0.15602
CVSS Scoring
CVSS v2 Score: 4.4
Severity:
Mapped CWE(s)
CWE-362
: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
All CAPEC(s)
CAPEC-26: Leveraging Race Conditions
CAPEC-29: Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions