Oval Definition:oval:com.redhat.rhsa:def:20151210
Revision Date:2015-07-07Version:641
Title:RHSA-2015:1210: abrt security update (Moderate)
Description:ABRT (Automatic Bug Reporting Tool) is a tool to help users to detect defects in applications and to create a bug report with all the information needed by a maintainer to fix it. It uses a plug-in system to extend its functionality.

  • It was found that ABRT was vulnerable to multiple race condition and symbolic link flaws. A local attacker could use these flaws to potentially escalate their privileges on the system. (CVE-2015-3315)

  • It was discovered that the kernel-invoked coredump processor provided by ABRT wrote core dumps to files owned by other system users. This could result in information disclosure if an application crashed while its current directory was a directory writable to by other users (such as /tmp). (CVE-2015-3142)

  • It was discovered that the default event handling scripts installed by ABRT did not handle symbolic links correctly. A local attacker with write access to an ABRT problem directory could use this flaw to escalate their privileges. (CVE-2015-1869)

  • It was found that the ABRT event scripts created a user-readable copy of an sosreport file in ABRT problem directories, and included excerpts of /var/log/messages selected by the user-controlled process name, leading to an information disclosure. (CVE-2015-1870)

  • It was discovered that, when moving problem reports between certain directories, abrt-handle-upload did not verify that the new problem directory had appropriate permissions and did not contain symbolic links. An attacker able to create a crafted problem report could use this flaw to expose other parts of ABRT, or to overwrite arbitrary files on the system. (CVE-2015-3147)

  • It was discovered that the abrt-action-install-debuginfo-to-abrt-cache helper program did not properly filter the process environment before invoking abrt-action-install-debuginfo. A local attacker could use this flaw to escalate their privileges on the system. (CVE-2015-3159)

    The CVE-2015-1869, CVE-2015-1870, CVE-2015-3142, CVE-2015-3147, and CVE-2015-3159 issues were discovered by Florian Weimer of Red Hat Product Security.

    All users of abrt are advised to upgrade to these updated packages, which correct these issues.
  • Family:unixClass:patch
    Status:Reference(s):CVE-2015-1869
    CVE-2015-1870
    CVE-2015-3142
    CVE-2015-3147
    CVE-2015-3159
    CVE-2015-3315
    RHSA-2015:1210
    RHSA-2015:1210-00
    RHSA-2015:1210-01
    Platform(s):Red Hat Enterprise Linux 6
    Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 6 is installed
  • AND
  • abrt is earlier than 0:2.0.8-26.el6_6.1
  • AND abrt is signed with Red Hat redhatrelease2 key
  • abrt-addon-ccpp is earlier than 0:2.0.8-26.el6_6.1
  • AND abrt-addon-ccpp is signed with Red Hat redhatrelease2 key
  • abrt-addon-kerneloops is earlier than 0:2.0.8-26.el6_6.1
  • AND abrt-addon-kerneloops is signed with Red Hat redhatrelease2 key
  • abrt-addon-python is earlier than 0:2.0.8-26.el6_6.1
  • AND abrt-addon-python is signed with Red Hat redhatrelease2 key
  • abrt-addon-vmcore is earlier than 0:2.0.8-26.el6_6.1
  • AND abrt-addon-vmcore is signed with Red Hat redhatrelease2 key
  • abrt-cli is earlier than 0:2.0.8-26.el6_6.1
  • AND abrt-cli is signed with Red Hat redhatrelease2 key
  • abrt-console-notification is earlier than 0:2.0.8-26.el6_6.1
  • AND abrt-console-notification is signed with Red Hat redhatrelease2 key
  • abrt-desktop is earlier than 0:2.0.8-26.el6_6.1
  • AND abrt-desktop is signed with Red Hat redhatrelease2 key
  • abrt-devel is earlier than 0:2.0.8-26.el6_6.1
  • AND abrt-devel is signed with Red Hat redhatrelease2 key
  • abrt-gui is earlier than 0:2.0.8-26.el6_6.1
  • AND abrt-gui is signed with Red Hat redhatrelease2 key
  • abrt-libs is earlier than 0:2.0.8-26.el6_6.1
  • AND abrt-libs is signed with Red Hat redhatrelease2 key
  • abrt-python is earlier than 0:2.0.8-26.el6_6.1
  • AND abrt-python is signed with Red Hat redhatrelease2 key
  • abrt-tui is earlier than 0:2.0.8-26.el6_6.1
  • AND abrt-tui is signed with Red Hat redhatrelease2 key
  • libreport is earlier than 0:2.0.9-21.el6_6.1
  • AND libreport is signed with Red Hat redhatrelease2 key
  • libreport-cli is earlier than 0:2.0.9-21.el6_6.1
  • AND libreport-cli is signed with Red Hat redhatrelease2 key
  • libreport-compat is earlier than 0:2.0.9-21.el6_6.1
  • AND libreport-compat is signed with Red Hat redhatrelease2 key
  • libreport-devel is earlier than 0:2.0.9-21.el6_6.1
  • AND libreport-devel is signed with Red Hat redhatrelease2 key
  • libreport-filesystem is earlier than 0:2.0.9-21.el6_6.1
  • AND libreport-filesystem is signed with Red Hat redhatrelease2 key
  • libreport-gtk is earlier than 0:2.0.9-21.el6_6.1
  • AND libreport-gtk is signed with Red Hat redhatrelease2 key
  • libreport-gtk-devel is earlier than 0:2.0.9-21.el6_6.1
  • AND libreport-gtk-devel is signed with Red Hat redhatrelease2 key
  • libreport-newt is earlier than 0:2.0.9-21.el6_6.1
  • AND libreport-newt is signed with Red Hat redhatrelease2 key
  • libreport-plugin-bugzilla is earlier than 0:2.0.9-21.el6_6.1
  • AND libreport-plugin-bugzilla is signed with Red Hat redhatrelease2 key
  • libreport-plugin-kerneloops is earlier than 0:2.0.9-21.el6_6.1
  • AND libreport-plugin-kerneloops is signed with Red Hat redhatrelease2 key
  • libreport-plugin-logger is earlier than 0:2.0.9-21.el6_6.1
  • AND libreport-plugin-logger is signed with Red Hat redhatrelease2 key
  • libreport-plugin-mailx is earlier than 0:2.0.9-21.el6_6.1
  • AND libreport-plugin-mailx is signed with Red Hat redhatrelease2 key
  • libreport-plugin-reportuploader is earlier than 0:2.0.9-21.el6_6.1
  • AND libreport-plugin-reportuploader is signed with Red Hat redhatrelease2 key
  • libreport-plugin-rhtsupport is earlier than 0:2.0.9-21.el6_6.1
  • AND libreport-plugin-rhtsupport is signed with Red Hat redhatrelease2 key
  • libreport-python is earlier than 0:2.0.9-21.el6_6.1
  • AND libreport-python is signed with Red Hat redhatrelease2 key
  • BACK