Unrated severityNVD Advisory· Published Oct 1, 2015· Updated Jun 17, 2026
CVE-2015-1338
CVE-2015-1338
Description
kernel_crashdump in Apport before 2.19 allows local users to cause a denial of service (disk consumption) or possibly gain privileges via a (1) symlink or (2) hard link attack on /var/crash/vmcore.log.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
9cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*+ 2 more
- cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*
- osv-coords4 versionspkg:rpm/suse/apport-crashdb-sle&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4pkg:rpm/suse/apport-crashdb-sle&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4pkg:rpm/suse/apport&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4pkg:rpm/suse/apport&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4
< 0.114-0.8.3.1+ 3 more
- (no CPE)range: < 0.114-0.8.3.1
- (no CPE)range: < 0.114-0.8.3.1
- (no CPE)range: < 0.114-12.8.3.1
- (no CPE)range: < 0.114-12.8.3.1
Patches
Vulnerability mechanics
References
7- launchpad.net/apport/trunk/2.19nvdPatch
- packetstormsecurity.com/files/133723/Ubuntu-Apport-kernel_crashdump-Symlink.htmlnvdExploit
- www.halfdog.net/Security/2015/ApportKernelCrashdumpFileAccessVulnerabilities/nvdExploit
- www.exploit-db.com/exploits/38353/nvdExploit
- seclists.org/fulldisclosure/2015/Sep/101nvd
- www.ubuntu.com/usn/USN-2744-1nvd
- bugs.launchpad.net/ubuntu/+source/apport/+bug/1492570nvd
News mentions
0No linked articles in our index yet.