dump 0.4 b10 through b29 allows local users to cause a denial of service (execution prevention) by using flock() to lock the /etc/dumpdates file.
Threat-Mapped Scoring
Score: 1.5
Priority: P4 - Informational (Low)
EPSS
Score: 0.00053
Percentile: 0.16541
CVSS Scoring
CVSS v3.1 Score: 5.5
Severity: MEDIUM
Mapped CWE(s)
- CWE-667: Improper Locking
All CAPEC(s)
- CAPEC-25: Forced Deadlock
- CAPEC-26: Leveraging Race Conditions
- CAPEC-27: Leveraging Race Conditions via Symbolic Links
CAPEC(s) with Mapped TTPs
- CAPEC-25: Forced Deadlock
  Mapped TTPs:
  - T1499.004: Application or System Exploitation
Mapped ATT&CK TTPs
- T1499.004: Application or System Exploitation
Kill Chain: impact
Malware
APTs Threat Group Associations
Campaigns
Affected Products
- cpe:2.3:a:dump_project:dump:0.4:beta10:*:*:*:*:*:*
- cpe:2.3:a:dump_project:dump:0.4:beta29:*:*:*:*:*:*