CVE-2015-5228

NameCVE-2015-5228
DescriptionThe service daemon in CRIU creates log and dump files insecurely, which allows local users to create arbitrary files and take ownership of existing files via unspecified vectors related to a directory path.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
NVD severityhigh (attack range: local)
Debian Bugs797111

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
criuunknown(unstable)1.8-2high797111

Notes

https://bugzilla.redhat.com/show_bug.cgi?id=1255782

Search for package or bug name: Reporting problems