Description
Security update for libcap-ng
libcap-ng was updated to fix one security issue.
This security issue was fixed:
- CVE-2014-3215: seunshare in policycoreutils (which uses libcap-ng) is owned by root with 4755 permissions, and executes programs in a way that changes the relationship between the setuid system call and the getresuid saved set-user-ID value, which made it easier for local users to gain privileges by leveraging a program that mistakenly expected that it could permanently drop privileges (bsc#876832).
Package list
SUSE Linux Enterprise Server 11 SP4
libcap-ng-utils-0.6.3-1.9.6
libcap-ng0-0.6.3-1.9.6
libcap-ng0-32bit-0.6.3-1.9.6
SUSE Linux Enterprise Server for SAP Applications 11 SP4
libcap-ng-utils-0.6.3-1.9.6
libcap-ng0-0.6.3-1.9.6
libcap-ng0-32bit-0.6.3-1.9.6
SUSE Linux Enterprise Software Development Kit 11 SP4
libcap-ng-devel-0.6.3-1.9.6
python-capng-0.6.3-1.9.6
References
- Link for SUSE-SU-2017:0375-1
- E-Mail link for SUSE-SU-2017:0375-1
- SUSE Security Ratings
- SUSE Bug 876832
- SUSE CVE CVE-2014-3215 page
Description
seunshare in policycoreutils 2.2.5 is owned by root with 4755 permissions, and executes programs in a way that changes the relationship between the setuid system call and the getresuid saved set-user-ID value, which makes it easier for local users to gain privileges by leveraging a program that mistakenly expected that it could permanently drop privileges.
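The description above hinges on a program that assumed its privilege drop was permanent. The following C code is an added example, not taken from libcap-ng, policycoreutils or the advisory; it shows a drop that is verified with getresuid() and fails closed. The helper names `uids_all_equal` and `drop_privileges_permanently` are hypothetical.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE            /* getresuid() is a GNU extension in glibc */
#endif
#include <sys/types.h>
#include <unistd.h>

/* Prototype repeated so the block builds even if _GNU_SOURCE takes effect too late. */
int getresuid(uid_t *ruid, uid_t *euid, uid_t *suid);

/* Returns 1 only if real, effective and saved UID all equal `uid`. */
int uids_all_equal(uid_t uid)
{
    uid_t r, e, s;
    if (getresuid(&r, &e, &s) != 0)
        return 0;
    return r == uid && e == uid && s == uid;
}

/*
 * Hypothetical helper: drop to `target` and prove the drop is permanent.
 * Returns 0 on success, -1 if any check fails (the caller must exit).
 */
int drop_privileges_permanently(uid_t target)
{
    uid_t old_euid = geteuid();

    /* A successful setuid() return is not, on its own, proof of a permanent drop. */
    if (setuid(target) != 0)
        return -1;

    /* A saved set-user-ID that still holds the old value allows switching back. */
    if (!uids_all_equal(target))
        return -1;

    /* Active check: after a real identity change, regaining the old UID must fail. */
    if (old_euid != target && (seteuid(old_euid) == 0 || setuid(old_euid) == 0))
        return -1;

    return uids_all_equal(target) ? 0 : -1;
}

int main(void)
{
    /* Fail closed: a process that cannot verify the drop must not continue. */
    return drop_privileges_permanently(getuid()) == 0 ? 0 : 1;
}
```

Supplementary groups and the GID should be dropped before the UID; that part is omitted here.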
Affected products
SUSE Linux Enterprise Server 11 SP4:libcap-ng-utils-0.6.3-1.9.6
SUSE Linux Enterprise Server 11 SP4:libcap-ng0-0.6.3-1.9.6
SUSE Linux Enterprise Server 11 SP4:libcap-ng0-32bit-0.6.3-1.9.6
SUSE Linux Enterprise Server for SAP Applications 11 SP4:libcap-ng-utils-0.6.3-1.9.6
References
- CVE-2014-3215
- SUSE Bug 876832