CVE-2014-3215

seunshare in policycoreutils 2.2.5 is owned by root with 4755 permissions, and executes programs in a way that changes the relationship between the setuid system call and the getresuid saved set-user-ID value, which makes it easier for local users to gain privileges by leveraging a program that mistakenly expected that it could permanently drop privileges.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.9 UNKNOWN
LOCAL
MEDIUM
AV:L/AC:M/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 21%
Affected Products (NVD)
VendorProductVersion
selinuxprojectpolicycoreutils
2.2.5
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
policycoreutils
bookworm
3.4-1
fixed
bullseye
3.1-3
fixed
sid
3.7-2
fixed
trixie
3.7-2
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
policycoreutils
lucid
ignored
precise
ignored
quantal
not-affected
saucy
not-affected
trusty
not-affected
utopic
not-affected
vivid
not-affected
wily
not-affected
xenial
not-affected
yakkety
not-affected
zesty
not-affected
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
kernel
RHEL 6
0:2.6.32-504.16.2.el6
fixed
kernel-abi-whitelists
RHEL 6
0:2.6.32-504.16.2.el6
fixed
kernel-bootwrapper
RHEL 6
0:2.6.32-504.16.2.el6
fixed
kernel-debug
RHEL 6
0:2.6.32-504.16.2.el6
fixed
kernel-debug-devel
RHEL 6
0:2.6.32-504.16.2.el6
fixed
kernel-devel
RHEL 6
0:2.6.32-504.16.2.el6
fixed
kernel-doc
RHEL 6
0:2.6.32-504.16.2.el6
fixed
kernel-firmware
RHEL 6
0:2.6.32-504.16.2.el6
fixed
kernel-headers
RHEL 6
0:2.6.32-504.16.2.el6
fixed
kernel-kdump
RHEL 6
0:2.6.32-504.16.2.el6
fixed
kernel-kdump-devel
RHEL 6
0:2.6.32-504.16.2.el6
fixed
libcap-ng
RHEL 7
0:0.7.5-4.el7
fixed
libcap-ng-devel
RHEL 7
0:0.7.5-4.el7
fixed
libcap-ng-python
RHEL 7
0:0.7.5-4.el7
fixed
libcap-ng-utils
RHEL 7
0:0.7.5-4.el7
fixed
perf
RHEL 6
0:2.6.32-504.16.2.el6
fixed
python-perf
RHEL 6
0:2.6.32-504.16.2.el6
fixed
Common Weakness Enumeration
References
http://advisories.mageia.org/MGASA-2014-0251.html
http://lists.opensuse.org/opensuse-updates/2014-06/msg00008.html
http://openwall.com/lists/oss-security/2014/04/29/7
http://openwall.com/lists/oss-security/2014/04/30/4
http://openwall.com/lists/oss-security/2014/05/08/1
http://rhn.redhat.com/errata/RHSA-2015-0864.html
http://secunia.com/advisories/59007
http://www.mandriva.com/security/advisories?name=MDVSA-2015:156
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
http://www.securityfocus.com/bid/67341
http://advisories.mageia.org/MGASA-2014-0251.html
http://lists.opensuse.org/opensuse-updates/2014-06/msg00008.html
http://openwall.com/lists/oss-security/2014/04/29/7
http://openwall.com/lists/oss-security/2014/04/30/4
http://openwall.com/lists/oss-security/2014/05/08/1
http://rhn.redhat.com/errata/RHSA-2015-0864.html
http://secunia.com/advisories/59007
http://www.mandriva.com/security/advisories?name=MDVSA-2015:156
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
http://www.securityfocus.com/bid/67341