Wind River Support Network

HomeDefectsCGP6-520
Acknowledged

CGP6-520 : Security Advisory - openhpi - CVE-2015-3248

Created: Oct 16, 2017    Updated: Nov 8, 2017
Previous ID: CGP5-1313
Found In Version: 6.0.0.35
Severity: Standard
Applicable for: Wind River Linux 6
Component/s: Userspace

Description

openhpi/Makefile.am in OpenHPI before 3.6.0 uses world-writable permissions for /var/lib/openhpi directory, which allows local users, when quotas are not properly setup, to fill the filesystem hosting /var/lib and cause a denial of service (disk consumption).

https://nvd.nist.gov/vuln/detail/CVE-2015-3248
Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube