Back to search
CVE-2015-3315
Published: Jun 26, 2017
Modified: Aug 6, 2024
PUBLISHED
Description
Automatic Bug Reporting Tool (ABRT) allows local users to read, change the ownership of, or have other unspecified impact on arbitrary files via a symlink attack on (1) /var/tmp/abrt/*/maps, (2) /tmp/jvm-*/hs_error.log, (3) /proc/*/exe, (4) /etc/os-release in a chroot, or (5) an unspecified root directory related to librpm.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://bugzilla.redhat.com/show_bug.cgi?id=1211835
x_refsource_CONFIRM
https://github.com/abrt/abrt/commit/80408e9e24a1c10f85fd969e1853e0f192157f92
x_refsource_CONFIRM
[oss-security] 20150416 Re: Problems in automatic crash analysis frameworks
mailing-list
x_refsource_MLIST
[oss-security] 20150414 Problems in automatic crash analysis frameworks
mailing-list
x_refsource_MLIST
RHSA-2015:1083
vendor-advisory
x_refsource_REDHAT
https://github.com/abrt/abrt/commit/17cb66b13997b0159b4253b3f5722db79f476d68
x_refsource_CONFIRM
https://github.com/abrt/abrt/commit/d6e2f6f128cef4c21cb80941ae674c9842681aa7
x_refsource_CONFIRM
75117
vdb-entry
x_refsource_BID
44097
exploit
x_refsource_EXPLOIT-DB
RHSA-2015:1210
vendor-advisory
x_refsource_REDHAT
https://github.com/abrt/abrt/commit/4f2c1ddd3e3b81d2d5146b883115371f1cada9f9
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now