Denial of Service and Privilege Escalation via Symlink and Hard Link Attacks on kernel_crashdump in Apport

Denial of Service and Privilege Escalation via Symlink and Hard Link Attacks on kernel_crashdump in Apport

CVE-2015-1338 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

kernel_crashdump in Apport before 2.19 allows local users to cause a denial of service (disk consumption) or possibly gain privileges via a (1) symlink or (2) hard link attack on /var/crash/vmcore.log.

Learn more about our User Device Pen Test.