CVE-2015-1338

kernel_crashdump in Apport before 2.19 allows local users to cause a denial of service (disk consumption) or possibly gain privileges via a (1) symlink or (2) hard link attack on /var/crash/vmcore.log.
Configurations

Configuration 1 (hide)

cpe:2.3:a:apport_project:apport:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*

History

No history.

Information

Published : 2015-10-01 20:59

Updated : 2024-02-04 18:53


NVD link : CVE-2015-1338

Mitre link : CVE-2015-1338

CVE.ORG link : CVE-2015-1338


JSON object : View

Products Affected

apport_project

  • apport

canonical

  • ubuntu_linux
CWE
CWE-59

Improper Link Resolution Before File Access ('Link Following')