SLocate Local Database Corruption Vulnerability

SLocate Local Database Corruption Vulnerability

slocate is susceptible to a local database corruption vulnerability. This issue is due to a failure of the application to handle unexpected directory and filename input.

This issue presents itself when the affected utility attempts to index specially crafted directory structures. The utility fails to handle the directory structure, and fails to complete the indexing process.

This vulnerability allows local attackers to cause the premature failure of the index process, resulting in an incomplete database. If the database is used in further security, backup, or other critical functions, incomplete data may result in the failure of services dependent on it.

This issue is reported in version 2.7 of slocate, but other versions may also be affected.