CVE-2015-7810 — Time-of-check Time-of-use (TOCTOU) Race Condition in Libbluray

Severity

4.7MEDIUMNVD

EPSS

0.1%

top 70.78%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedNov 22

Latest updateMay 24

Description

libbluray MountManager class has a time-of-check time-of-use (TOCTOU) race when expanding JAR files

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:NExploitability: 1.0 | Impact: 3.6

▶debiandebian/libbluray< libbluray 1:0.9.1-1 (bookworm)

▶Debianlibbluray/libbluray< 1:0.9.1-1+3

Also affects: Debian Linux 10.0, 8.0, 9.0, Fedora 17, 18, Enterprise Linux 7.0

GHSA

GHSA-3qpq-9423-wfmq: libbluray MountManager class has a time-of-check time-of-use (TOCTOU) race when expanding JAR files↗2022-05-24

▶

OSV

CVE-2015-7810: libbluray MountManager class has a time-of-check time-of-use (TOCTOU) race when expanding JAR files↗2019-11-22

▶

Red Hat

(MountManager): TOCTOU race when expanding JAR files↗2015-02-06

▶

Debian

CVE-2015-7810: libbluray - libbluray MountManager class has a time-of-check time-of-use (TOCTOU) race when ...↗2015

▶

Apache

Apache tomcat: CVE-2014-7810↗

▶

Bugzilla

CVE-2015-7810 libbluray (MountManager): TOCTOU race when expanding JAR files↗2013-05-03

▶