CVE-2015-0267
Published: 19 May 2015
The Red Hat module-setup.sh script for kexec-tools, as distributed in the kexec-tools before 2.0.7-19 packages in Red Hat Enterprise Linux, allows local users to write to arbitrary files via a symlink attack on a temporary file.
Notes
| Author | Note |
|---|---|
| mdeslaur | vulnerable script not in debian/ubuntu |
Priority
Status
| Package | Release | Status |
|---|---|---|
|
kexec-tools Launchpad, Ubuntu, Debian |
precise |
Not vulnerable
|
| trusty |
Does not exist
(trusty was not-affected)
|
|
| upstream |
Needs triage
|
|
| utopic |
Not vulnerable
|
|
| vivid |
Not vulnerable
|