It was discovered that the abrt-dbus D-Bus service contains several directory traversal flaws related to the NewProblem, GetInfo and SetElement methods. Local attackers could use these flaws to read and write arbitrary files as the root user, or take ownership of arbitrary files and directories.

Acknowledgements: This issue was discovered by Florian Weimer of Red Hat Product Security.
Created abrt tracking bugs for this issue: Affects: fedora-all [bug 1214452]
The following upstream commits fix this CVE:

https://github.com/abrt/abrt/commit/c796c76341ee846cfb897ed645bac211d7d0a932
https://github.com/abrt/abrt/commit/f3c2a6af3455b2882e28570e8a04f1c2d4500d5b
https://github.com/abrt/libreport/commit/54ecf8d017580b495d6501e53ca54e453a73a364
https://github.com/abrt/libreport/commit/239c4f7d1f47265526b39ad70106767d00805277
Martin has found out that the DeleteElement method is still vulnerable. This upstream commit adds additional verification of all D-Bus parameters:

https://github.com/abrt/abrt/commit/7a47f57975be0d285a2f20758e4572dca6d9cdd3
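The kind of parameter verification described above, sketched as an added example that is not code from abrt or libreport: a service rejects any caller-supplied element name or problem directory that could escape the problem data store. The function names, the `DUMP_LOCATION` value and the sample directory name are assumptions made for this illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Assumed base directory for problem data (hypothetical, no trailing slash). */
#define DUMP_LOCATION "/var/tmp/abrt"

/* An element name must be one path component:
 * non-empty, not "." or "..", and free of '/'. */
bool element_name_is_safe(const char *name)
{
    if (name == NULL || name[0] == '\0')
        return false;
    if (strcmp(name, ".") == 0 || strcmp(name, "..") == 0)
        return false;
    return strchr(name, '/') == NULL;
}

/* A problem directory must be exactly one safe component directly
 * below base. This is a lexical check only: it does not resolve
 * symlinks, so the opened directory still has to be verified. */
bool problem_dir_is_safe(const char *base, const char *dir)
{
    if (base == NULL || dir == NULL)
        return false;
    size_t base_len = strlen(base);
    /* Require "base/" as a prefix so "/var/tmp/abrt-evil" is rejected. */
    if (strncmp(dir, base, base_len) != 0 || dir[base_len] != '/')
        return false;
    return element_name_is_safe(dir + base_len + 1);
}

int main(void)
{
    /* Constructed sample inputs for a SetElement-style call. */
    const char *dirs[] = { DUMP_LOCATION "/ccpp-2015-04-01-1234",
                           DUMP_LOCATION "/../../etc" };
    const char *names[] = { "backtrace", "../../etc/passwd" };
    for (size_t i = 0; i < 2; i++)
        printf("dir=%s -> %s, element=%s -> %s\n",
               dirs[i], problem_dir_is_safe(DUMP_LOCATION, dirs[i]) ? "ok" : "reject",
               names[i], element_name_is_safe(names[i]) ? "ok" : "reject");
    return 0;
}
```

Every method that takes a directory or element name from the bus needs both checks before any file operation; the DeleteElement follow-up above shows how one unchecked method leaves the flaw open.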
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2015:1083 https://rhn.redhat.com/errata/RHSA-2015-1083.html