CVE-2015-5228

Sažetak

The service daemon in CRIU creates log and dump files insecurely, which allows local users to create arbitrary files and take ownership of existing files via unspecified vectors related to a directory path.

Reference

http://lists.opensuse.org/opensuse-updates/2015-09/msg00030.html
http://www.openwall.com/lists/oss-security/2015/08/25/5
https://bugzilla.redhat.com/show_bug.cgi?id=1255782
https://lists.openvz.org/pipermail/criu/2015-August/021847.html

CVSS

Base:	7.2
Impact:	10.0
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:L/AC:L/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

30-10-2018 - 16:27

Objavljeno

07-06-2016 - 14:06