CVE-2015-3315

Impact: Important
Public Date: 2015-04-14
CWE: CWE-362->CWE-59
Bugzilla: 1211835: CVE-2015-3315 abrt: Various race-conditions and symlink issues found in abrt

It was found that ABRT was vulnerable to multiple race condition and symbolic link flaws. A local attacker could use either of these flaws to potentially escalate their privileges on the system.

Find out more about CVE-2015-3315 from the MITRE CVE dictionary and NIST NVD.

Statement

This issue affects the versions of the abrt package as shipped with Red Hat Enterprise Linux 6 and 7.

CVSS v2 metrics

Base Score 7.2
Base Metrics AV:L/AC:L/Au:N/C:C/I:C/A:C
Access Vector Local
Access Complexity Low
Authentication None
Confidentiality Impact Complete
Integrity Impact Complete
Availability Impact Complete

Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 6 (abrt) RHSA-2015:1210 2015-07-07
Red Hat Enterprise Linux 7 (abrt) RHSA-2015:1083 2015-06-09

Affected Packages State

Platform Package State
Red Hat Enterprise Linux version 7 abrt 2.1.11-22.el7_1 Fixed
Red Hat Enterprise Linux version 7 libreport 2.1.11-23.ael7b_1 Fixed
Red Hat Enterprise Linux version 6 libreport 2.0.9-21.el6_6.1 Fixed
Red Hat Enterprise Linux version 6 abrt 2.0.8-26.el6_6.1 Fixed

Mitigation

It is recommended to disable abrt with the following command until the flaws have been resolved:
sysctl -w kernel.core_pattern=core

Note: This setting is reset if abrt is restarted.
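
The check below is an added example, not part of the Red Hat advisory: it classifies a kernel.core_pattern value so the mitigation can be re-verified after abrt has been restarted. The function names and state labels are hypothetical, and the sample patterns (including the abrt-hook-ccpp and systemd-coredump handler paths) are constructed, assumed-typical values.

```shell
#!/bin/sh
# Added example (not from the advisory): report whether crashes are still
# piped to an abrt handler through kernel.core_pattern.

# Print the handler path when the pattern pipes to a program, else nothing.
core_pattern_handler() {
    case "$1" in
        "|"*)
            rest=${1#"|"}
            # The handler is the first space-delimited word after the pipe.
            printf '%s\n' "${rest%% *}"
            ;;
    esac
}

# Classify a pattern (labels are this example's own):
#   HOOKED      piped to an abrt-* handler, mitigation not in effect
#   OTHER-PIPE  piped to some other handler
#   NOT-PIPED   plain file name such as "core", as set by the mitigation
core_pattern_state() {
    handler=$(core_pattern_handler "$1")
    if [ -z "$handler" ]; then
        echo NOT-PIPED
        return 0
    fi
    case "${handler##*/}" in
        abrt-*) echo HOOKED ;;
        *)      echo OTHER-PIPE ;;
    esac
}

# Read the live value; the path is a parameter so the check can be tested.
live_state() {
    file=${1:-/proc/sys/kernel/core_pattern}
    if [ -r "$file" ]; then
        core_pattern_state "$(cat "$file")"
    else
        echo UNKNOWN
    fi
}

# Constructed sample values, assumed typical, not taken from the advisory.
for sample in 'core' \
    '|/usr/libexec/abrt-hook-ccpp %s %c %p %u %g %t e' \
    '|/usr/lib/systemd/systemd-coredump %P %u %g %s %t %c %e'; do
    printf '%-11s %s\n' "$(core_pattern_state "$sample")" "$sample"
done
printf 'live: %s\n' "$(live_state)"
```

A HOOKED result from live_state after the mitigation was applied indicates the setting has been reset and the sysctl command needs to be run again.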
