Описание
The RBAC functionality in grsecurity before 2.1.11-2.6.24.5 and 2.1.11-2.4.36.2 does not enforce user_transition_deny and user_transition_allow rules for the (1) sys_setfsuid and (2) sys_setfsgid calls, which allows local users to bypass restrictions for those calls.
Ссылки
- PatchVendor Advisory
- Patch
- PatchVendor Advisory
- Patch
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:grsecurity:grsecurity_kernel_patch:2.4.33:*:*:*:*:*:*:*
cpe:2.3:a:grsecurity:grsecurity_kernel_patch:2.4.33.2:*:*:*:*:*:*:*
cpe:2.3:a:grsecurity:grsecurity_kernel_patch:2.4.33.3:*:*:*:*:*:*:*
cpe:2.3:a:grsecurity:grsecurity_kernel_patch:2.4.33.4:*:*:*:*:*:*:*
cpe:2.3:a:grsecurity:grsecurity_kernel_patch:2.4.34:*:*:*:*:*:*:*
cpe:2.3:a:grsecurity:grsecurity_kernel_patch:2.6.18:*:*:*:*:*:*:*
cpe:2.3:a:grsecurity:grsecurity_kernel_patch:2.6.24.4:*:*:*:*:*:*:*
EPSS
Процентиль: 21%
0.00069
Низкий
4.6 Medium
CVSS2
Дефекты
CWE-264
Связанные уязвимости
debian
больше 17 лет назад
The RBAC functionality in grsecurity before 2.1.11-2.6.24.5 and 2.1.11 ...
github
больше 3 лет назад
The RBAC functionality in grsecurity before 2.1.11-2.6.24.5 and 2.1.11-2.4.36.2 does not enforce user_transition_deny and user_transition_allow rules for the (1) sys_setfsuid and (2) sys_setfsgid calls, which allows local users to bypass restrictions for those calls.
EPSS
Процентиль: 21%
0.00069
Низкий
4.6 Medium
CVSS2
Дефекты
CWE-264