6.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
5.2%
Updated libcap-ng packages fix security vulnerability: capng_lock() in libcap-ng before 0.7.4 sets securebits in an attempt to prevent regaining capabilities using setuid-root programs. This allows a user to run setuid programs, such as seunshare from policycoreutils, as uid 0 but without capabilities, which is potentially dangerous (CVE-2014-3215).
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 3 | noarch | libcap-ng | < 0.7.3-2.1 | libcap-ng-0.7.3-2.1.mga3 |
Mageia | 4 | noarch | libcap-ng | < 0.7.3-3.1 | libcap-ng-0.7.3-3.1.mga4 |