Описание
The filesystem implementation in the Linux kernel through 4.8.2 preserves the setgid bit during a setxattr call, which allows local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions.
Ссылки
- Issue TrackingPatch
- Patch
- Mailing List
- PatchThird Party Advisory
- Issue TrackingThird Party Advisory
- PatchThird Party Advisory
- Issue TrackingPatch
- Patch
Уязвимые конфигурации
EPSS
4.4 Medium
CVSS3
3.6 Low
CVSS2
Дефекты
Связанные уязвимости
The filesystem implementation in the Linux kernel through 4.8.2 preserves the setgid bit during a setxattr call, which allows local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions.
The filesystem implementation in the Linux kernel through 4.8.2 preserves the setgid bit during a setxattr call, which allows local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions.
The filesystem implementation in the Linux kernel through 4.8.2 preser ...
The filesystem implementation in the Linux kernel through 4.8.2 preserves the setgid bit during a setxattr call, which allows local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions.
ELSA-2017-3596: Unbreakable Enterprise kernel security update (IMPORTANT)
EPSS
4.4 Medium
CVSS3
3.6 Low
CVSS2