← Volver a CVEs
CVE-2015-0796
N/ADescripcion
In open buildservice 2.6 before 2.6.3, 2.5 before 2.5.7 and 2.4 before 2.4.8 the source service patch application could generate non-standard files like symlinks or device nodes, which could allow buildservice users to break of confinement or cause denial of service attacks on the source service.
Detalles CVE
Puntuacion CVSS v3.1N/A
Publicado3/2/2018
Ultima modificacion11/21/2024
Fuentenvd
Avistamientos honeypot0
Productos afectados
opensuse:open_buildservice
Debilidades (CWE)
CWE-434CWE-59
Referencias
https://bugzilla.suse.com/show_bug.cgi?id=941099(security@opentext.com)
https://github.com/openSUSE/open-build-service/commit/474a3db19498765f0118ba3dbc0b1cc90b0097fc(security@opentext.com)
https://bugzilla.suse.com/show_bug.cgi?id=941099(af854a3a-2127-422b-91ae-364da2661108)
https://github.com/openSUSE/open-build-service/commit/474a3db19498765f0118ba3dbc0b1cc90b0097fc(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.