Updated: 2023-12-06
CWE: Race Conditions
Description:
Race condition in the prepare_binprm function in fs/exec.c in the Linux kernel before 3.19.6 allows local users to gain privileges by executing a setuid program at a time instant when a chown to root is in progress, and the ownership is changed but the setuid bit is not yet stripped.
CVSS3:
OS | Vendor version | Errata |
---|---|---|
RHEL 7 | 3.10.0-327.el7 | RHSA-2015:2152 |
Ubuntu 14.04 | 3.13.0-52.85 | USN-2598-1 |
Ubuntu 14.04 ESM | 3.13.0-52.85 | USN-2598-1 |
CentOS 7 | 3.10.0-327.el7 | CESA-2015:2152 |
CentOS 7 plus | 3.10.0-327.el7.centos.plus | CESA-2015:2152 |
Oracle Linux 7 | 3.10.0-327.el7 | ELSA-2015-2152 |
OS | Original kernel version | State |
---|---|---|
RHEL 7 | 3.10.0-123.8.1.el7, 3.10.0-123.13.1.el7, 3.10.0-229.el7, 3.10.0-123.6.3.el7, 3.10.0-123.13.2.el7, 3.10.0-229.14.1.el7, 3.10.0-123.20.1.el7, 3.10.0-123.4.2.el7, 3.10.0-123.1.2.el7, 3.10.0-123.9.2.el7, 3.10.0-123.9.3.el7, 3.10.0-123.el7, 3.10.0-123.4.4.el7, 3.10.0-229.4.2.el7, 3.10.0-229.7.2.el7, 3.10.0-229.11.1.el7, 3.10.0-229.20.1.el7, 3.10.0-229.1.2.el7 | Released |
Ubuntu 14.04 | 3.13.0-39.66, 3.13.0-37.64, 3.13.0-49.83, 3.13.0-41.70, 3.13.0-36.63, 3.13.0-44.73, 3.13.0-49.81, 3.13.0-46.75, 3.13.0-40.69, 3.13.0-33.58, 3.13.0-43.72, 3.13.0-51.84, 3.13.0-38.65, 3.13.0-40.68, 3.13.0-45.74, 3.13.0-46.76, 3.13.0-46.77, 3.13.0-32.57, 3.13.0-46.79, 3.13.0-34.60, 3.13.0-35.62, 3.13.0-48.80 | Released |
Ubuntu 14.04 ESM | | Ready For Release |
CentOS 7 | 3.10.0-229.7.2.el7, 3.10.0-229.11.1.el7, 3.10.0-229.el7, 3.10.0-123.1.2.el7, 3.10.0-123.4.2.el7, 3.10.0-123.6.3.el7, 3.10.0-123.13.1.el7, 3.10.0-123.8.1.el7, 3.10.0-123.9.2.el7, 3.10.0-229.4.2.el7, 3.10.0-123.13.2.el7, 3.10.0-229.14.1.el7, 3.10.0-123.9.3.el7, 3.10.0-123.el7, 3.10.0-229.20.1.el7, 3.10.0-229.1.2.el7, 3.10.0-123.4.4.el7, 3.10.0-123.20.1.el7 | Released |
CentOS 7 plus | 3.10.0-123.8.1.el7.centos.plus, 3.10.0-123.6.3.el7.centos.plus, 3.10.0-229.14.1.el7.centos.plus, 3.10.0-123.4.4.el7.centos.plus, 3.10.0-123.13.2.el7.centos.plus, 3.10.0-229.7.2.el7.centos.plus, 3.10.0-123.9.2.el7.centos.plus, 3.10.0-229.el7.centos.plus, 3.10.0-123.20.1.el7.centos.plus, 3.10.0-123.13.1.el7.centos.plus, 3.10.0-229.4.2.el7.centos.plus, 3.10.0-229.1.2.el7.centos.plus, 3.10.0-123.9.3.el7.centos.plus, 3.10.0-123.el7.centos.plus, 3.10.0-123.1.2.el7.centos.plus, 3.10.0-229.11.1.el7.centos.plus, 3.10.0-123.4.2.el7.centos.plus, 3.10.0-229.20.1.el7.centos.plus | Released |
Oracle Linux 7 | 3.10.0-229.7.2.el7, 3.10.0-229.1.2.el7, 3.10.0-123.20.1.el7, 3.10.0-123.13.1.el7, 3.10.0-229.4.2.el7, 3.10.0-123.13.2.el7, 3.10.0-123.4.4.el7, 3.10.0-229.el7, 3.10.0-123.6.3.el7, 3.10.0-229.11.1.el7, 3.10.0-123.4.2.el7, 3.10.0-123.9.3.el7, 3.10.0-123.el7, 3.10.0-229.14.1.el7, 3.10.0-123.8.1.el7, 3.10.0-123.9.2.el7, 3.10.0-229.20.1.el7, 3.10.0-123.1.2.el7 | Released |
CloudLinux OS 7 | 3.10.0-233.1.2.lve1.3.33.4.el7, 3.10.0-329.7.2.lve1.3.58.el7, 3.10.0-223.1.2.lve1.3.22.el7, 3.10.0-223.1.2.lve1.3.33.3.el7, 3.10.0-223.1.2.lve1.3.33.el7, 3.10.0-233.1.2.lve1.3.33.1.el7, 3.10.0-329.7.2.lve1.3.50.el7, 3.10.0-329.7.2.lve1.3.55.el7, 3.10.0-329.7.2.lve1.4.2.el7, 3.10.0-329.7.2.lve1.4.4.el7 | Released |
OpenVZ 6 | | Ready For Release |
OEL 6 Dell | | Ready For Release |
OEL 7 Dell | | Ready For Release |
Endurance 7 eig 3.10 | | Ready For Release |
Debian 10 cloud | | Will Not Fix |
Debian 9 backports | | Will Not Fix |