Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2015-3339

Опубликовано: 20 апр. 2015
Источник: redhat
CVSS2: 6.2
EPSS Низкий

Описание

Race condition in the prepare_binprm function in fs/exec.c in the Linux kernel before 3.19.6 allows local users to gain privileges by executing a setuid program at a time instant when a chown to root is in progress, and the ownership is changed but the setuid bit is not yet stripped.

A race condition flaw was found between the chown and execve system calls. When changing the owner of a setuid user binary to root, the race condition could momentarily make the binary setuid root. A local, unprivileged user could potentially use this flaw to escalate their privileges on the system.

Отчет

This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 5 and 7 and MRG-2. This issue is not currently planned to be addressed in future Red Hat Enterprise Linux 5 kernel updates. Future Linux kernel updates for other releases may address this issue. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5kernelWill not fix
Red Hat Enterprise MRG 2realtime-kernelAffected
Red Hat Enterprise Linux 6kernelFixedRHSA-2015:127220.07.2015
Red Hat Enterprise Linux 7kernel-rtFixedRHSA-2015:241119.11.2015
Red Hat Enterprise Linux 7kernelFixedRHSA-2015:215219.11.2015

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-362
https://bugzilla.redhat.com/show_bug.cgi?id=1214030kernel: race condition between chown() and execve()

EPSS

Процентиль: 7%
0.00032
Низкий

6.2 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2015-3339

ubuntu
около 10 лет назад

Race condition in the prepare_binprm function in fs/exec.c in the Linux kernel before 3.19.6 allows local users to gain privileges by executing a setuid program at a time instant when a chown to root is in progress, and the ownership is changed but the setuid bit is not yet stripped.

nvd логотип

CVE-2015-3339

nvd
около 10 лет назад

Race condition in the prepare_binprm function in fs/exec.c in the Linux kernel before 3.19.6 allows local users to gain privileges by executing a setuid program at a time instant when a chown to root is in progress, and the ownership is changed but the setuid bit is not yet stripped.

debian логотип

CVE-2015-3339

debian
около 10 лет назад

Race condition in the prepare_binprm function in fs/exec.c in the Linu ...

github логотип

GHSA-8x6w-vmh7-xc9h

github
около 3 лет назад

Race condition in the prepare_binprm function in fs/exec.c in the Linux kernel before 3.19.6 allows local users to gain privileges by executing a setuid program at a time instant when a chown to root is in progress, and the ownership is changed but the setuid bit is not yet stripped.

oracle-oval логотип

ELSA-2015-3053

oracle-oval
почти 10 лет назад

ELSA-2015-3053: Unbreakable Enterprise kernel security update (MODERATE)

EPSS

Процентиль: 7%
0.00032
Низкий

6.2 Medium

CVSS2