Launchpad.net

CVE 2015-1338

kernel_crashdump in Apport before 2.19 allows local users to cause a denial of service (disk consumption) or possibly gain privileges via a (1) symlink or (2) hard link attack on /var/crash/vmcore.log.

Related bugs and status

CVE-2015-1338 (Candidate) is related to these bugs:

Bug #1433320: systemd-journald, udev, logind crashed with SIGABRT -- get killed by 1 min watchdog timeout on longer kernel lockups

Summary				In	Importance	Status
	1433320	systemd-journald, udev, logind crashed with SIGABRT -- get killed by 1 min watchdog timeout on longer kernel lockups		systemd (Ubuntu)	Medium	Won't Fix
	1433320	systemd-journald, udev, logind crashed with SIGABRT -- get killed by 1 min watchdog timeout on longer kernel lockups		apport (Ubuntu)	High	Fix Released

Bug #1492570: /usr/share/apport/kernel_crashdump accesses files in insecure manner

		In	Importance	Status
1492570	/usr/share/apport/kernel_crashdump accesses files in insecure manner	apport (Ubuntu)	High	Fix Released
1492570	/usr/share/apport/kernel_crashdump accesses files in insecure manner	apport (Ubuntu Precise)	High	Fix Released
1492570	/usr/share/apport/kernel_crashdump accesses files in insecure manner	apport (Ubuntu Vivid)	High	Fix Released
1492570	/usr/share/apport/kernel_crashdump accesses files in insecure manner	apport (Ubuntu Wily)	High	Fix Released
1492570	/usr/share/apport/kernel_crashdump accesses files in insecure manner	apport (Ubuntu Trusty)	High	Fix Released
1492570	/usr/share/apport/kernel_crashdump accesses files in insecure manner	Apport	High	Fix Released

Bug #1500450: /usr/share/apport/package_hook:FileExistsError:/usr/share/apport/package_hook@64:make_report_file

		In	Importance	Status
1500450	/usr/share/apport/package_hook:FileExistsError:/usr/share/apport/package_hook@64:make_report_file	apport (Ubuntu)	Low	Fix Released
1500450	/usr/share/apport/package_hook:FileExistsError:/usr/share/apport/package_hook@64:make_report_file	apport (Ubuntu Precise)	Medium	Fix Released
1500450	/usr/share/apport/package_hook:FileExistsError:/usr/share/apport/package_hook@64:make_report_file	apport (Ubuntu Vivid)	High	Fix Released
1500450	/usr/share/apport/package_hook:FileExistsError:/usr/share/apport/package_hook@64:make_report_file	apport (Ubuntu Trusty)	High	Fix Released

Bug #1500541: apport-retrace crashed with IOError in __main__: [Errno 13] Permission denied: '_usr_bin_Xorg.0.crash'

Summary				In	Importance	Status
	1500541	apport-retrace crashed with IOError in __main__: [Errno 13] Permission denied: '_usr_bin_Xorg.0.crash'		apport (Ubuntu)	Medium	Triaged

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2015-1338

Related bugs and status

Related bugs

References