Описание
The do_dump_data function in utils/opcontrol in OProfile 0.9.6 and earlier might allow local users to create or overwrite arbitrary files via a crafted --session-dir argument in conjunction with a symlink attack on the opd_pipe file, a different vulnerability than CVE-2011-1760.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | ignored | |
| hardy | ignored | end of life |
| lucid | ignored | |
| maverick | ignored | |
| natty | ignored | |
| upstream | needed |
Показывать по
Ссылки на источники
EPSS
6.3 Medium
CVSS2
Связанные уязвимости
The do_dump_data function in utils/opcontrol in OProfile 0.9.6 and earlier might allow local users to create or overwrite arbitrary files via a crafted --session-dir argument in conjunction with a symlink attack on the opd_pipe file, a different vulnerability than CVE-2011-1760.
The do_dump_data function in utils/opcontrol in OProfile 0.9.6 and earlier might allow local users to create or overwrite arbitrary files via a crafted --session-dir argument in conjunction with a symlink attack on the opd_pipe file, a different vulnerability than CVE-2011-1760.
The do_dump_data function in utils/opcontrol in OProfile 0.9.6 and ear ...
The do_dump_data function in utils/opcontrol in OProfile 0.9.6 and earlier might allow local users to create or overwrite arbitrary files via a crafted --session-dir argument in conjunction with a symlink attack on the opd_pipe file, a different vulnerability than CVE-2011-1760.
EPSS
6.3 Medium
CVSS2