CVE-2015-1338

Publication date 24 September 2015

Last updated 24 July 2024

Ubuntu priority

kernel_crashdump in Apport before 2.19 allows local users to cause a denial of service (disk consumption) or possibly gain privileges via a (1) symlink or (2) hard link attack on /var/crash/vmcore.log.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
apport	17.04 zesty	Fixed 2.19-0ubuntu1
	16.10 yakkety	Fixed 2.19-0ubuntu1
	16.04 LTS xenial	Fixed 2.19-0ubuntu1
	15.10 wily	Fixed 2.19-0ubuntu1
	15.04 vivid	Fixed 2.17.2-0ubuntu1.5
	14.04 LTS trusty	Fixed 2.14.1-0ubuntu3.15
	12.04 LTS precise	Fixed 2.0.1-0ubuntu17.10

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-2744-1
Apport vulnerability
24 September 2015

Other references

https://www.cve.org/CVERecord?id=CVE-2015-1338