Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2015-3170

Опубликовано: 05 мая 2015
Источник: redhat
CVSS2: 1.2
EPSS Низкий

Описание

selinux-policy when sysctl fs.protected_hardlinks are set to 0 allows local users to cause a denial of service (SSH login prevention) by creating a hardlink to /etc/passwd from a directory named .config, and updating selinux-policy.

Отчет

Red Hat Product Security has rated this issue as having Low security impact. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5selinux-policyNot affected
Red Hat Enterprise Linux 6selinux-policyNot affected
Red Hat Enterprise Linux 7selinux-policyWill not fix

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-284
https://bugzilla.redhat.com/show_bug.cgi?id=1218672selinux-policy: policy package update causes denial of service

EPSS

Процентиль: 12%
0.0004
Низкий

1.2 Low

CVSS2

Связанные уязвимости

nvd логотип

CVE-2015-3170

CVSS3: 5.5
nvd
больше 8 лет назад

selinux-policy when sysctl fs.protected_hardlinks are set to 0 allows local users to cause a denial of service (SSH login prevention) by creating a hardlink to /etc/passwd from a directory named .config, and updating selinux-policy.

github логотип

GHSA-m2mw-q7pj-g3wv

CVSS3: 5.5
github
больше 3 лет назад

selinux-policy when sysctl fs.protected_hardlinks are set to 0 allows local users to cause a denial of service (SSH login prevention) by creating a hardlink to /etc/passwd from a directory named .config, and updating selinux-policy.

EPSS

Процентиль: 12%
0.0004
Низкий

1.2 Low

CVSS2