Vulnerability in Redhat Automatic_bug_reporting_tool

CVE-2012-1106

The C handler plug-in in Automatic Bug Reporting Tool (ABRT), possibly 2.0.8 and earlier, does not properly set the group (GID) permissions on core dump files for setuid programs when the sysctl fs.suid_dumpable option is set to 2, which a…

EPSS: 0.000 (15.1th percentile) — read the EPSS interpretation.

Affected products

Redhat Automatic_bug_reporting_tool
N/a — versions n/a

Weakness classification (CWE)

CWE-264

References

54121 (vdb-entry, x_refsource_BID)
RHSA-2012:0841 (x_refsource_REDHAT, vendor-advisory)
secalert@redhat.com (x_refsource_CONFIRM, Exploit, Patch)
abrt-info-disc(76524) (vdb-entry, x_refsource_XF)