Arbitrary File Write Vulnerability in Red Hat kexec-tools Module-Setup.sh Script

CVE-2015-0267 · LOW Severity

AV:L/AC:L/AU:N/C:N/I:P/A:P

The Red Hat module-setup.sh script for kexec-tools, as distributed in the kexec-tools before 2.0.7-19 packages in Red Hat Enterprise Linux, allows local users to write to arbitrary files via a symlink attack on a temporary file.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.