1ABRT-ACTION-ANALYZ(1)             ABRT Manual            ABRT-ACTION-ANALYZ(1)
2
3
4

NAME

6       abrt-action-analyze-vulnerability - Provides assessment of potential
7       exploitability of crash
8

SYNOPSIS

10       abrt-action-analyze-vulnerability
11

DESCRIPTION

13       This tool expects that file named coredump is placed in the current
14       directory and runs abrt-gdb-exploitable gdb plugin on that file. The
15       result of vulnerability analysis is saved in exploitable file in the
16       current directory with information about the likely crash reason and
17       exploitable rating (see the EXPLOITABLE RATING section bellow). If the
18       exploitable rating is between <0-3> no output is generated and the tool
19       silently exits with 0 exit code.
20
21       This tool requires both gdb and eu-readelf executables placed in PATH.
22       If any of the required programs is missing the tool silently exits with
23       0 exit code.
24

EXPLOITABLE RATING

26       Exploitable rating is a score (on scale 0-9) given to a coredump based
27       on the likely reason the program crashed and whether or not it could
28       have been due to a potentially exploitable security issue. Lower
29       numbers are reserverd for reasons that are highly unlikely to be
30       security issues (0-3) while higher numbers (4-9) are reserved for
31       potentially dangerous crashes. Higher scores do not automatically mean
32       security problems but they can help with debugging the issue and
33       assessing its severity.
34

AUTHORS

36       •   ABRT team
37
38
39
40abrt 2.15.1                       10/19/2022             ABRT-ACTION-ANALYZ(1)
Impressum