CVE-2015-1338
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2015-1338
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
kernel_crashdump in Apport before 2.19 allows local users to cause a denial of service (disk consumption) or possibly gain privileges via a (1) symlink or (2) hard link attack on /var/crash/vmcore.log.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Apport 后置链接漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Ubuntu是英国科能(Canonical)公司和Ubuntu基金会共同开发的一套以桌面应用为主的GNU/Linux操作系统。Apport是其中的一个用于收集并反馈错误信息(当应用程序崩溃时操作系统认为有用的信息)的工具包。 Apport 2.18.1及之前的版本中的kernel_crashdump文件存在安全漏洞。本地攻击者可通过对/var/crash/vmcore.log文件实施符号链接攻击或硬链接攻击利用该漏洞造成拒绝服务(磁盘消耗)或获取权限。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2015-1338
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2015-1338
请登录查看更多情报信息。
- https://launchpad.net/apport/trunk/2.19x_refsource_CONFIRM
- https://nvd.nist.gov/vuln/detail/CVE-2015-1338
Same Patch Batch · n/a · 2015-10-01 · 36 CVEs total
| CVE-2015-3844 | Android ActivityManager组件权限许可和访问控制漏洞 | |
| CVE-2015-3832 | Android libstagefright 缓冲区溢出漏洞 | |
| CVE-2015-3833 | Android 安全漏洞 | |
| CVE-2015-3834 | Android libstagefright 数字错误漏洞 | |
| CVE-2015-3835 | Android libstagefright 缓冲区溢出漏洞 | |
| CVE-2015-3836 | Android Sonivox DLS-to-EAS转换器组件数字错误漏洞 | |
| CVE-2015-3837 | Android 输入验证漏洞 | |
| CVE-2015-3842 | Android mediaserver组件基于堆的缓冲区溢出漏洞 | |
| CVE-2015-3843 | Android SIM Toolkit框架权限许可和访问控制漏洞 | |
| CVE-2015-3831 | Android mediaserver service组件缓冲区溢出漏洞 | |
| CVE-2015-3845 | Android Binder组件权限许可和访问控制漏洞 | |
| CVE-2015-3849 | Android Region组件权限许可和访问控制漏洞 | |
| CVE-2015-3858 | Android 权限许可和访问控制漏洞 | |
| CVE-2015-3860 | Android Lockscreen组件本地安全绕过漏洞 | |
| CVE-2015-3861 | Android mediaserver组件数字错误漏洞 | |
| CVE-2015-3863 | Android Keystore服务数字错误漏洞 | |
| CVE-2015-3864 | Android mediaserver组件数字错误漏洞 | |
| CVE-2015-6575 | Android libstagefright 数字错误漏洞 | |
| CVE-2015-1538 | Android Stagefright 数字错误漏洞 | |
| CVE-2015-1335 | LXC lxc-start 后置链接漏洞 |
Showing top 20 of 36 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
V. Comments for CVE-2015-1338
No comments yet