id summary reporter owner description type status priority milestone component version severity resolution keywords cc mlocked 4822 potentially exploitable file race in mythcdrom-linux.cpp Erik Hovland Isaac Richards The summary makes it sound more threatening then it is. But an attack could be made in mythcdrom-linux.cpp in the member function MythCDROMLinux::setSpeed(). The function makes a stat call using the string name of the cdrom device file and then an open using that same string. It is possible for the caller to get a good stat on a file with that filename and then switch the underlying file to something of their liking before the open call is made. It would be safer if the function tried the open, then did and fstat on the file descriptor. defect closed minor 0.22 mythtv 0.21-fixes low fixed 0