CVE-2014-3219 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2014-3219 Interim 1 20 2025-11-05T05:07:47Z current 2021-05-30T13:20:45Z 2025-11-05T05:07:47Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2014-3219 fish before 2.1.1 allows local users to write to arbitrary files via a symlink attack on (1) /tmp/fishd.log.%s, (2) /tmp/.pac-cache.$USER, (3) /tmp/.yum-cache.$USER, or (4) /tmp/.rpm-cache.$USER. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/3XMUPRUMZVMHTIGMFKMR5QUFUP4OTEOW/#3XMUPRUMZVMHTIGMFKMR5QUFUP4OTEOW E-Mail link for openSUSE-SU-2019:2177-1 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2W3QH6VXA2BZDXBQCFFTODXPYTUKYKPG/#2W3QH6VXA2BZDXBQCFFTODXPYTUKYKPG E-Mail link for openSUSE-SU-2019:2188-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Server 16.0 SUSE Package Hub 12 openSUSE Leap 15.0 openSUSE Leap 15.1 openSUSE Tumbleweed fish-2.2.0-6.1 fish-2.4.0-1.1 fish-4.0.1-160000.2.2 fish-devel-4.0.1-160000.2.2 fish3-3.0.0-lp150.3.1 fish3-3.0.0-lp151.2.1 fish3-devel-3.0.0-lp150.3.1 fish3-devel-3.0.0-lp151.2.1 fish-4.0.1-160000.2.2 as a component of SUSE Linux Enterprise Server 16.0 fish-devel-4.0.1-160000.2.2 as a component of SUSE Linux Enterprise Server 16.0 fish-2.2.0-6.1 as a component of SUSE Package Hub 12 fish3-3.0.0-lp150.3.1 as a component of openSUSE Leap 15.0 fish3-devel-3.0.0-lp150.3.1 as a component of openSUSE Leap 15.0 fish3-3.0.0-lp151.2.1 as a component of openSUSE Leap 15.1 fish3-devel-3.0.0-lp151.2.1 as a component of openSUSE Leap 15.1 fish-2.4.0-1.1 as a component of openSUSE Tumbleweed fish before 2.1.1 allows local users to write to arbitrary files via a symlink attack on (1) /tmp/fishd.log.%s, (2) /tmp/.pac-cache.$USER, (3) /tmp/.yum-cache.$USER, or (4) /tmp/.rpm-cache.$USER. CVE-2014-3219 SUSE Linux Enterprise Server 16.0:fish-4.0.1-160000.2.2 SUSE Linux Enterprise Server 16.0:fish-devel-4.0.1-160000.2.2 SUSE Package Hub 12:fish-2.2.0-6.1 openSUSE Leap 15.0:fish3-3.0.0-lp150.3.1 openSUSE Leap 15.0:fish3-devel-3.0.0-lp150.3.1 openSUSE Leap 15.1:fish3-3.0.0-lp151.2.1 openSUSE Leap 15.1:fish3-devel-3.0.0-lp151.2.1 openSUSE Tumbleweed:fish-2.4.0-1.1 important 4.3 AV:L/AC:L/Au:S/C:P/I:P/A:P