CVE-2011-3151
SELinux initscript misuse of touch
The Ubuntu SELinux initscript before version 1:0.10 used touch to create a lockfile in a world-writable directory. If the OS kernel does not have symlink protections then an attacker can cause a zero byte file to be allocated on any writable filesystem.
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →