CVE-2015-1338

kernel_crashdump in Apport before 2.19 allows local users to cause a denial of service (disk consumption) or possibly gain privileges via a (1) symlink or (2) hard link attack on /var/crash/vmcore.log.
Link Following
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.2 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:C/I:C/A:C
canonicalCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 64%
VendorProductVersion
apport_projectapport
𝑥
≤ 2.18.1
canonicalubuntu_linux
12.04
canonicalubuntu_linux
14.04
canonicalubuntu_linux
15.04
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
apport
zesty
Fixed 2.19-0ubuntu1
released
yakkety
Fixed 2.19-0ubuntu1
released
xenial
Fixed 2.19-0ubuntu1
released
wily
Fixed 2.19-0ubuntu1
released
vivid
Fixed 2.17.2-0ubuntu1.5
released
trusty
Fixed 2.14.1-0ubuntu3.15
released
precise
Fixed 2.0.1-0ubuntu17.10
released
Common Weakness Enumeration
References
http://packetstormsecurity.com/files/133723/Ubuntu-Apport-kernel_crashdump-Symlink.html
http://seclists.org/fulldisclosure/2015/Sep/101
http://www.halfdog.net/Security/2015/ApportKernelCrashdumpFileAccessVulnerabilities/
http://www.ubuntu.com/usn/USN-2744-1
https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1492570
https://launchpad.net/apport/trunk/2.19
https://www.exploit-db.com/exploits/38353/
http://packetstormsecurity.com/files/133723/Ubuntu-Apport-kernel_crashdump-Symlink.html
http://seclists.org/fulldisclosure/2015/Sep/101
http://www.halfdog.net/Security/2015/ApportKernelCrashdumpFileAccessVulnerabilities/
http://www.ubuntu.com/usn/USN-2744-1
https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1492570
https://launchpad.net/apport/trunk/2.19
https://www.exploit-db.com/exploits/38353/