Lucene search

K
ubuntucveUbuntu.comUB:CVE-2015-3339
HistoryApr 21, 2015 - 12:00 a.m.

CVE-2015-3339

2015-04-2100:00:00
ubuntu.com
ubuntu.com
23

6.2 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:H/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

8.6%

Race condition in the prepare_binprm function in fs/exec.c in the Linux
kernel before 3.19.6 allows local users to gain privileges by executing a
setuid program at a time instant when a chown to root is in progress, and
the ownership is changed but the setuid bit is not yet stripped.

Bugs

Notes

Author Note
jdstrand android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.10 and earlier preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support

6.2 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:H/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

8.6%