|
|
Log in / Subscribe / Register

policycoreutils: privilege escalation

Package(s):policycoreutils CVE #(s):CVE-2014-3215
Created:May 30, 2014 Updated:March 29, 2015
Description:

From the CVE entry:

seunshare in policycoreutils 2.2.5 is owned by root with 4755 permissions, and executes programs in a way that changes the relationship between the setuid system call and the getresuid saved set-user-ID value, which makes it easier for local users to gain privileges by leveraging a program that mistakenly expected that it could permanently drop privileges.

Alerts:
Oracle ELSA-2015-3064 kernel 3.8.13 2015-07-31
Oracle ELSA-2015-3064 kernel 3.8.13 2015-07-31
Oracle ELSA-2015-3035 kernel 2015-05-13
Oracle ELSA-2015-3035 kernel 2015-05-13
Oracle ELSA-2015-3036 kernel 2015-05-13
Oracle ELSA-2015-3036 kernel 2015-05-13
Oracle ELSA-2015-3034 Unbreakable Enterprise kernel 2015-04-23
Oracle ELSA-2015-3034 Unbreakable Enterprise kernel 2015-04-23
Oracle ELSA-2015-3033 Unbreakable Enterprise kernel 2015-04-23
Oracle ELSA-2015-3033 Unbreakable Enterprise kernel 2015-04-23
Oracle ELSA-2015-3032 Unbreakable Enterprise kernel 2015-04-23
Oracle ELSA-2015-3032 Unbreakable Enterprise kernel 2015-04-23
Scientific Linux SLSA-2015:0864-1 kernel 2015-04-21
Oracle ELSA-2015-0864 kernel 2015-04-21
CentOS CESA-2015:0864 kernel 2015-04-22
Red Hat RHSA-2015:0864-01 kernel 2015-04-21
Mandriva MDVSA-2015:156 libcap-ng 2015-03-29
Gentoo 201412-44 policycoreutils 2014-12-26
Mageia MGASA-2014-0251 libcap-ng 2014-06-06
openSUSE openSUSE-SU-2014:0749-1 libcap-ng 2014-06-03
openSUSE openSUSE-SU-2014:0736-1 policycoreutils 2014-05-30
Mandriva MDVSA-2014:117 libcap-ng 2014-06-10
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds