Vulnerabilities > CVE-2015-5224 - Unspecified vulnerability in Kernel Util-Linux
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
The mkostemp function in login-utils in util-linux when used incorrectly allows remote attackers to cause file name collision and possibly other attacks.
Vulnerable Configurations
References
- http://www.openwall.com/lists/oss-security/2015/08/24/3
- http://www.openwall.com/lists/oss-security/2015/08/24/3
- http://www.securityfocus.com/bid/76467
- http://www.securityfocus.com/bid/76467
- https://bugzilla.redhat.com/show_bug.cgi?id=1256686
- https://bugzilla.redhat.com/show_bug.cgi?id=1256686
- https://github.com/karelzak/util-linux/commit/bde91c85bdc77975155058276f99d2e0f5eab5a9
- https://github.com/karelzak/util-linux/commit/bde91c85bdc77975155058276f99d2e0f5eab5a9