Insecure File Creation and Ownership Vulnerability in CRIU Service Daemon

Insecure File Creation and Ownership Vulnerability in CRIU Service Daemon

CVE-2015-5228 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

The service daemon in CRIU creates log and dump files insecurely, which allows local users to create arbitrary files and take ownership of existing files via unspecified vectors related to a directory path.

Learn more about our User Device Pen Test.