Vulnerability Description
kernel_crashdump in Apport before 2.19 allows local users to cause a denial of service (disk consumption) or possibly gain privileges via a (1) symlink or (2) hard link attack on /var/crash/vmcore.log.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apport Project | Apport | <= 2.18.1 |
| Canonical | Ubuntu Linux | 12.04 |
Related Weaknesses (CWE)
References
- http://packetstormsecurity.com/files/133723/Ubuntu-Apport-kernel_crashdump-SymliExploit
- http://seclists.org/fulldisclosure/2015/Sep/101
- http://www.halfdog.net/Security/2015/ApportKernelCrashdumpFileAccessVulnerabilitExploit
- http://www.ubuntu.com/usn/USN-2744-1
- https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1492570
- https://launchpad.net/apport/trunk/2.19Patch
- https://www.exploit-db.com/exploits/38353/Exploit
- http://packetstormsecurity.com/files/133723/Ubuntu-Apport-kernel_crashdump-SymliExploit
- http://seclists.org/fulldisclosure/2015/Sep/101
- http://www.halfdog.net/Security/2015/ApportKernelCrashdumpFileAccessVulnerabilitExploit
- http://www.ubuntu.com/usn/USN-2744-1
- https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1492570
- https://launchpad.net/apport/trunk/2.19Patch
- https://www.exploit-db.com/exploits/38353/Exploit
FAQ
What is CVE-2015-1338?
CVE-2015-1338 is a vulnerability with a CVSS score of 7.2 (HIGH). kernel_crashdump in Apport before 2.19 allows local users to cause a denial of service (disk consumption) or possibly gain privileges via a (1) symlink or (2) hard link attack on /var/crash/vmcore.log...
How severe is CVE-2015-1338?
CVE-2015-1338 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2015-1338?
Check the references section above for vendor advisories and patch information. Affected products include: Apport Project Apport, Canonical Ubuntu Linux.