CVE-2015-1338
published 2015-10-01CVE-2015-1338: kernel_crashdump in Apport before 2.19 allows local users to cause a denial of service (disk consumption) or possibly gain privileges via a (1) symlink or (2)…
PriorityP432high7.2CVSS 2.0
AVLACLAuNCCICAC
EXPLOIT
EPSS
0.91%
55.5th percentile
kernel_crashdump in Apport before 2.19 allows local users to cause a denial of service (disk consumption) or possibly gain privileges via a (1) symlink or (2) hard link attack on /var/crash/vmcore.log.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apport_project | apport | <= 2.18.1 | — |
| apport_project | apport | >= 0 < 2.14.1-0ubuntu3.15 | 2.14.1-0ubuntu3.15 |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
CVSS provenance
nvdv2.07.2HIGHAV:L/AC:L/Au:N/C:C/I:C/A:C
osv7.2HIGH
vendor_redhat6.8MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
Apport vulnerability
vendor_ubuntu·2015-09-24
CVE-2015-1338 Apport vulnerability
Title: Apport vulnerability
Summary: Apport could be made to crash or overwrite files as an administrator.
Halfdog discovered that Apport incorrectly handled kernel crash dump files.
A local attacker could use this issue to cause a denial of service, or
possibly elevate privileges. The default symlink protections for affected
releases should reduce the vulnerability to a denial of service.
Instructions: In general, a standard system update will make all the necessary changes.
Red Hat
webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001)
vendor_redhat·2015-01-26·CVSS 6.8
CVE-2014-1338 [MEDIUM] webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001)
webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001)
WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1.
Statement: Red Hat Product Security has rated this issue as having Moderate security impact. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.
Package: webkitgtk (Red Hat Enterprise Linux 6) - Will not fix
Package: webkitgtk3 (Red Hat Enterprise Linux
GHSA
GHSA-77gx-3rjc-296q: kernel_crashdump in Apport before 2
ghsa_unreviewed·2022-05-17
CVE-2015-1338 [HIGH] CWE-59 GHSA-77gx-3rjc-296q: kernel_crashdump in Apport before 2
kernel_crashdump in Apport before 2.19 allows local users to cause a denial of service (disk consumption) or possibly gain privileges via a (1) symlink or (2) hard link attack on /var/crash/vmcore.log.
OSV
CVE-2015-1338: kernel_crashdump in Apport before 2
osv·2015-09-24·CVSS 7.2
CVE-2015-1338 [HIGH] CVE-2015-1338: kernel_crashdump in Apport before 2
kernel_crashdump in Apport before 2.19 allows local users to cause a denial of service (disk consumption) or possibly gain privileges via a (1) symlink or (2) hard link attack on /var/crash/vmcore.log.
No detection rules found.
http://packetstormsecurity.com/files/133723/Ubuntu-Apport-kernel_crashdump-Symlink.htmlhttp://seclists.org/fulldisclosure/2015/Sep/101http://www.halfdog.net/Security/2015/ApportKernelCrashdumpFileAccessVulnerabilities/http://www.ubuntu.com/usn/USN-2744-1https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1492570https://launchpad.net/apport/trunk/2.19https://www.exploit-db.com/exploits/38353/http://packetstormsecurity.com/files/133723/Ubuntu-Apport-kernel_crashdump-Symlink.htmlhttp://seclists.org/fulldisclosure/2015/Sep/101http://www.halfdog.net/Security/2015/ApportKernelCrashdumpFileAccessVulnerabilities/http://www.ubuntu.com/usn/USN-2744-1https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1492570https://launchpad.net/apport/trunk/2.19https://www.exploit-db.com/exploits/38353/
2015-10-01
Published