RSS   Podatności dla 'CRIU'   RSS

2016-06-07
 
CVE-2015-5231

CWE-200
 

 
The service daemon in CRIU does not properly restrict access to non-dumpable processes, which allows local users to obtain sensitive information via (1) process dumps or (2) ptrace access.

 
 
CVE-2015-5228

CWE-264
 

 
The service daemon in CRIU creates log and dump files insecurely, which allows local users to create arbitrary files and take ownership of existing files via unspecified vectors related to a directory path.

 

 >>> Vendor: CRIU 2 Produkty
CRIU
Checkpoint/restore in userspace


Copyright 2024, cxsecurity.com

 

Back to Top