Multiple vulnerabilities in Linux kernel
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 2 |
| CVE-ID | CVE-2015-1838 CVE-2000-1134 |
| CWE-ID | CWE-19 CWE-61 |
| Exploitation vector | Local |
| Public exploit | N/A |
| Vulnerable software |
Linux kernel Operating systems & Components / Operating system |
| Vendor | Linux Foundation |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1)
EUVDB-ID: #VU28385
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2015-1838
CWE-ID:
CWE-19 - Data Handling
Exploit availability: No
DescriptionThe vulnerability allows a local authenticated user to read and manipulate data.
modules/serverdensity_device.py in SaltStack before 2014.7.4 does not properly handle files in /tmp.
MitigationInstall update from vendor's website.
Vulnerable software versionsLinux kernel: 4.4 - 4.14.84
CPE2.3- cpe:2.3:o:linux_foundation:linux_kernel:4.4.165:*:*:*:*:*:*:*
- cpe:2.3:o:linux_foundation:linux_kernel:4.9.141:*:*:*:*:*:*:*
- cpe:2.3:o:linux_foundation:linux_kernel:4.14.84:*:*:*:*:*:*:*
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.85
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.166
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.142
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Symlink attack
EUVDB-ID: #VU28390
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2000-1134
CWE-ID:
CWE-61 - UNIX Symbolic Link (Symlink) Following
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsLinux kernel: 4.4 - 4.14.84
CPE2.3https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.85
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.166
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.142
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
