CVE-2015-7529

sosreport in SoS 3.x allows local users to obtain sensitive information from sosreport files or gain privileges via a symlink attack on an archive file in a temporary directory, as demonstrated by sosreport-$hostname-$date.tar in /tmp/sosreport-$hostname-$date.
Link Following
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
redhatCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 31%
VendorProductVersion
sos_projectsos
3.0 ≤
𝑥
≤ 3.8
canonicalubuntu_linux
14.04
canonicalubuntu_linux
15.04
canonicalubuntu_linux
15.10
redhatenterprise_linux_desktop
6.0
redhatenterprise_linux_desktop
7.0
redhatenterprise_linux_server
6.0
redhatenterprise_linux_server
7.0
redhatenterprise_linux_server_aus
7.2
redhatenterprise_linux_server_aus
7.3
redhatenterprise_linux_server_aus
7.4
redhatenterprise_linux_server_aus
7.6
redhatenterprise_linux_server_aus
7.7
redhatenterprise_linux_server_eus
6.7
redhatenterprise_linux_server_eus
7.2
redhatenterprise_linux_server_eus
7.3
redhatenterprise_linux_server_eus
7.4
redhatenterprise_linux_server_eus
7.5
redhatenterprise_linux_server_eus
7.6
redhatenterprise_linux_server_eus
7.7
redhatenterprise_linux_server_tus
7.2
redhatenterprise_linux_server_tus
7.3
redhatenterprise_linux_server_tus
7.6
redhatenterprise_linux_server_tus
7.7
redhatenterprise_linux_workstation
6.0
redhatenterprise_linux_workstation
7.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
sosreport
bookworm
4.0-2
fixed
bullseye
4.0-2
fixed
sid
4.8.1-2
fixed
trixie
4.8.1-2
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
sosreport
wily
Fixed 3.2-2ubuntu1.1
released
vivid
Fixed 3.2-2ubuntu0.1
released
trusty
Fixed 3.1-1ubuntu2.2
released
precise
dne
Common Weakness Enumeration
References
http://rhn.redhat.com/errata/RHSA-2016-0152.html
http://rhn.redhat.com/errata/RHSA-2016-0188.html
http://www.securityfocus.com/bid/83162
http://www.ubuntu.com/usn/USN-2845-1
https://access.redhat.com/errata/RHSA-2016:0152
https://access.redhat.com/errata/RHSA-2016:0188
https://bugzilla.redhat.com/show_bug.cgi?id=1282542
https://github.com/sosreport/sos/issues/696
http://rhn.redhat.com/errata/RHSA-2016-0152.html
http://rhn.redhat.com/errata/RHSA-2016-0188.html
http://www.securityfocus.com/bid/83162
http://www.ubuntu.com/usn/USN-2845-1
https://access.redhat.com/errata/RHSA-2016:0152
https://access.redhat.com/errata/RHSA-2016:0188
https://bugzilla.redhat.com/show_bug.cgi?id=1282542
https://github.com/sosreport/sos/issues/696