Privilege Escalation in abrt-action-install-debuginfo-to-abrt-cache in ABRT

Privilege Escalation in abrt-action-install-debuginfo-to-abrt-cache in ABRT

CVE-2015-3159 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

The abrt-action-install-debuginfo-to-abrt-cache help program in Automatic Bug Reporting Tool (ABRT) does not properly handle the process environment before invoking abrt-action-install-debuginfo, which allows local users to gain privileges.

Learn more about our User Device Pen Test.