RSS   Podatności dla 'CRIU'   RSS

2016-06-07
 
CVE-2015-5231

CWE-200
 
 
The service daemon in CRIU does not properly restrict access to non-dumpable processes, which allows local users to obtain sensitive information via (1) process dumps or (2) ptrace access.

 
 
CVE-2015-5228

CWE-264
 
 
The service daemon in CRIU creates log and dump files insecurely, which allows local users to create arbitrary files and take ownership of existing files via unspecified vectors related to a directory path.

 

 >>> Vendor: CRIU 2 Produkty
CRIU
Checkpoint/restore in userspace

Copyright 2024, cxsecurity.com

 

Back to Top