CVE-2015-1338

Description

kernel_crashdump in Apport before 2.19 allows local users to cause a denial of service (disk consumption) or possibly gain privileges via a (1) symlink or (2) hard link attack on /var/crash/vmcore.log.

References

https://launchpad.net/apport/trunk/2.19

https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1492570

http://www.ubuntu.com/usn/USN-2744-1

http://seclists.org/fulldisclosure/2015/Sep/101

Details

Source: Mitre, NVD

Risk Information

CVSS v2

CVSS v3