CVE-2015-1197

描述

cpio 2.11, when using the --no-absolute-filenames option, allows local users to write to arbitrary files via a symlink attack on a file in an archive.

受影響套件(1)

• Debian/cpiofrom 0, < 2.11+dfsg-4.1

參考連結(1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2015-1197