CVE-2015-7529

HIGH

sos 3.0-3.8 - Local Privilege Escalation via Symlink Attack on Temporary Archive File

Title source: llm
STIX 2.1

Description

sosreport in SoS 3.x allows local users to obtain sensitive information from sosreport files or gain privileges via a symlink attack on an archive file in a temporary directory, as demonstrated by sosreport-$hostname-$date.tar in /tmp/sosreport-$hostname-$date.

References (8)

Core 8
Core References
Issue Tracking, Third Party Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-2845-1
Issue Tracking, Patch, Third Party Advisory x_refsource_confirm
https://github.com/sosreport/sos/issues/696
Third Party Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2016-0152.html
Third Party Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2016-0188.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/83162
Issue Tracking, Third Party Advisory x_refsource_misc
https://access.redhat.com/errata/RHSA-2016:0188
Issue Tracking, Third Party Advisory x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=1282542
Issue Tracking, Third Party Advisory x_refsource_misc
https://access.redhat.com/errata/RHSA-2016:0152

Scores

CVSS v3 7.8
EPSS 0.0044
EPSS Percentile 35.1%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-59
Status published
Products (27)
canonical/ubuntu_linux 14.04
canonical/ubuntu_linux 15.04
canonical/ubuntu_linux 15.10
pypi/sosreport 3.0 - 3.3PyPI
redhat/enterprise_linux_desktop 6.0
redhat/enterprise_linux_desktop 7.0
redhat/enterprise_linux_server 6.0
redhat/enterprise_linux_server 7.0
redhat/enterprise_linux_server_aus 7.2
redhat/enterprise_linux_server_aus 7.3
... and 17 more
Published Nov 06, 2017
Tracked Since Feb 18, 2026