Updated: 2023-08-25

CWE: Race Conditions


Race condition in the prepare_binprm function in fs/exec.c in the Linux kernel before 3.19.6 allows local users to gain privileges by executing a setuid program at a time instant when a chown to root is in progress, and the ownership is changed but the setuid bit is not yet stripped.


Vendor State

OS Vendor version Errata
Ubuntu 14.04 ESM 3.13.0-52.85 USN-2598-1
Ubuntu 14.04 3.13.0-52.85 USN-2598-1
CentOS 7 plus CESA-2015:2152
CentOS 7 3.10.0-327.el7 CESA-2015:2152
Oracle Linux 7 3.10.0-327.el7 ELSA-2015-2152
RHEL 7 3.10.0-327.el7 RHSA-2015:2152

KernelCare State

OS Original kernel version State
OEL 7 Dell
Ready For Release
Endurance 7 eig 3.10
Ready For Release
OEL 6 Dell
Ready For Release
Debian 9 backports
Will Not Fix
Debian 10 cloud
Will Not Fix
Ubuntu 14.04 ESM
Ready For Release
Ubuntu 14.04
3.13.0-39.66 show all hide all
3.13.0-37.64 3.13.0-49.83 3.13.0-41.70 3.13.0-36.63 3.13.0-44.73 3.13.0-49.81 3.13.0-46.75 3.13.0-40.69 3.13.0-33.58 3.13.0-43.72 3.13.0-51.84 3.13.0-38.65 3.13.0-40.68 3.13.0-45.74 3.13.0-46.76 3.13.0-46.77 3.13.0-32.57 3.13.0-46.79 3.13.0-34.60 3.13.0-35.62 3.13.0-48.80
CentOS 7 plus show all hide all
CentOS 7
3.10.0-229.7.2.el7 show all hide all
3.10.0-229.11.1.el7 3.10.0-229.el7 3.10.0-123.1.2.el7 3.10.0-123.4.2.el7 3.10.0-123.6.3.el7 3.10.0-123.13.1.el7 3.10.0-123.8.1.el7 3.10.0-123.9.2.el7 3.10.0-229.4.2.el7 3.10.0-123.13.2.el7 3.10.0-229.14.1.el7 3.10.0-123.9.3.el7 3.10.0-123.el7 3.10.0-229.20.1.el7 3.10.0-229.1.2.el7 3.10.0-123.4.4.el7 3.10.0-123.20.1.el7
OpenVZ 6
Ready For Release
Oracle Linux 7
3.10.0-229.7.2.el7 show all hide all
3.10.0-229.1.2.el7 3.10.0-123.20.1.el7 3.10.0-123.13.1.el7 3.10.0-229.4.2.el7 3.10.0-123.13.2.el7 3.10.0-123.4.4.el7 3.10.0-229.el7 3.10.0-123.6.3.el7 3.10.0-229.11.1.el7 3.10.0-123.4.2.el7 3.10.0-123.9.3.el7 3.10.0-123.el7 3.10.0-229.14.1.el7 3.10.0-123.8.1.el7 3.10.0-123.9.2.el7 3.10.0-229.20.1.el7 3.10.0-123.1.2.el7
CloudLinux OS 7
3.10.0-233.1.2.lve1.3.33.4.el7 show all hide all
3.10.0-329.7.2.lve1.3.58.el7 3.10.0-223.1.2.lve1.3.22.el7 3.10.0-223.1.2.lve1.3.33.3.el7 3.10.0-223.1.2.lve1.3.33.el7 3.10.0-233.1.2.lve1.3.33.1.el7 3.10.0-329.7.2.lve1.3.50.el7 3.10.0-329.7.2.lve1.3.55.el7 3.10.0-329.7.2.lve1.4.2.el7 3.10.0-329.7.2.lve1.4.4.el7
3.10.0-123.8.1.el7 show all hide all
3.10.0-123.13.1.el7 3.10.0-229.el7 3.10.0-123.6.3.el7 3.10.0-123.13.2.el7 3.10.0-229.14.1.el7 3.10.0-123.20.1.el7 3.10.0-123.4.2.el7 3.10.0-123.1.2.el7 3.10.0-123.9.2.el7 3.10.0-123.9.3.el7 3.10.0-123.el7 3.10.0-123.4.4.el7 3.10.0-229.4.2.el7 3.10.0-229.7.2.el7 3.10.0-229.11.1.el7 3.10.0-229.20.1.el7 3.10.0-229.1.2.el7