Bug 1212818 (CVE-2015-3142) - CVE-2015-3142 abrt: abrt-hook-ccpp writes core dumps to existing files owned by others
Summary: CVE-2015-3142 abrt: abrt-hook-ccpp writes core dumps to existing files owned ...
Status: CLOSED ERRATA
Alias: CVE-2015-3142
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard: impact=low,public=20150417,reported=2...
Keywords: Security
Depends On: 1211966 1211967 1212819 1212820 1212821
Blocks: 1211224 1214172
TreeView+ depends on / blocked
 
Reported: 2015-04-17 11:55 UTC by Florian Weimer
Modified: 2019-06-08 20:33 UTC (History)
8 users (show)

(edit)
It was discovered that the kernel-invoked coredump processor provided by ABRT wrote core dumps to files owned by other system users. This could result in information disclosure if an application crashed while its current directory was a directory writable to by other users (such as /tmp).
Clone Of:
(edit)
Last Closed: 2015-07-09 05:33:49 UTC


Attachments (Terms of Use)


External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2015:1083 normal SHIPPED_LIVE Important: abrt security update 2015-06-09 23:48:24 UTC
Red Hat Product Errata RHSA-2015:1210 normal SHIPPED_LIVE Moderate: abrt security update 2015-07-07 12:39:40 UTC

Description Florian Weimer 2015-04-17 11:55:16 UTC
It was discovered that the kernel-invoked coredump processor provided by
abrt writes core dumps to files owned by other system users.  This could
result in information disclosure if an application crashes while its
current directory is a directory writable to other users (such as /tmp).

Acknowledgement:

This issue was discovered by Florian Weimer of Red Hat Product Security.

Comment 2 Florian Weimer 2015-04-17 11:56:47 UTC
Created abrt tracking bugs for this issue:

Affects: fedora-all [bug 1212821]

Comment 4 errata-xmlrpc 2015-06-09 19:48:53 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2015:1083 https://rhn.redhat.com/errata/RHSA-2015-1083.html

Comment 5 errata-xmlrpc 2015-07-07 08:40:09 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 6

Via RHSA-2015:1210 https://rhn.redhat.com/errata/RHSA-2015-1210.html


Note You need to log in before you can comment on or make changes to this bug.