{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-01-17T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "The VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr operations that underspecifies removing extended privilege attributes, which allows local users to cause a denial of service (capability stripping) via a failed invocation of a system call, as demonstrated by using chown to remove a capability from the ping or Wireshark dumpcap program."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-02-01T10:57:01.000Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1185139"}, {"name": "76075", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/76075"}, {"name": "[linux-kernel] 20150117 [RFC PATCH RESEND] vfs: Move security_inode_killpriv() after permission checks", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://marc.info/?l=linux-kernel&m=142153722930533&w=2"}, {"tags": ["x_refsource_MISC"], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770492"}, {"name": "[oss-security] 20150124 Re: CVE Request: Linux kernel - Denial of service in notify_change for xattrs.", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2015/01/24/5"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2015-1350", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr operations that underspecifies removing extended privilege attributes, which allows local users to cause a denial of service (capability stripping) via a failed invocation of a system call, as demonstrated by using chown to remove a capability from the ping or Wireshark dumpcap program."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1185139", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1185139"}, {"name": "76075", "refsource": "BID", "url": "http://www.securityfocus.com/bid/76075"}, {"name": "[linux-kernel] 20150117 [RFC PATCH RESEND] vfs: Move security_inode_killpriv() after permission checks", "refsource": "MLIST", "url": "http://marc.info/?l=linux-kernel&m=142153722930533&w=2"}, {"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770492", "refsource": "MISC", "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770492"}, {"name": "[oss-security] 20150124 Re: CVE Request: Linux kernel - Denial of service in notify_change for xattrs.", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2015/01/24/5"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T04:40:18.594Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1185139"}, {"name": "76075", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/76075"}, {"name": "[linux-kernel] 20150117 [RFC PATCH RESEND] vfs: Move security_inode_killpriv() after permission checks", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://marc.info/?l=linux-kernel&m=142153722930533&w=2"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770492"}, {"name": "[oss-security] 20150124 Re: CVE Request: Linux kernel - Denial of service in notify_change for xattrs.", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2015/01/24/5"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2015-1350", "datePublished": "2016-05-02T10:00:00.000Z", "dateReserved": "2015-01-24T00:00:00.000Z", "dateUpdated": "2024-08-06T04:40:18.594Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "CB997E9A-FBEE-415A-9B18-37FCAEA17DB2", "versionEndIncluding": "3.19.8", "versionStartIncluding": "3.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "1D8B549B-E57B-4DFE-8A13-CAB06B5356B3", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_mrg:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "C60FA8B1-1802-4522-A088-22171DCF7A93", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr operations that underspecifies removing extended privilege attributes, which allows local users to cause a denial of service (capability stripping) via a failed invocation of a system call, as demonstrated by using chown to remove a capability from the ping or Wireshark dumpcap program."}, {"lang": "es", "value": "El subsistema VFS en el kernel de Linux 3.x provee un conjunto incompleto de requerimientos para operaciones setattr que subespecifica eliminando atributos de extensi\u00f3n de privilegios, lo que permite a usuarios locales provocar una denegaci\u00f3n de servicio (desprovisi\u00f3n de capacidad) a trav\u00e9s de una invocaci\u00f3n fallida of a system call, seg\u00fan lo demostrado usando chown para eliminar una capacidad una capacidad de ping o del programa dumpcap de Wireshark."}], "id": "CVE-2015-1350", "lastModified": "2025-04-12T10:46:40.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 2.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-05-02T10:59:07.857", "references": [{"source": "cve@mitre.org", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "url": "http://marc.info/?l=linux-kernel&m=142153722930533&w=2"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2015/01/24/5"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/76075"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770492"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1185139"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "url": "http://marc.info/?l=linux-kernel&m=142153722930533&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2015/01/24/5"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/76075"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770492"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1185139"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-552"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: denial of service in notify_change for filesystem xattrs", "id": "1185139", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1185139"}, "csaw": false, "cvss": {"cvss_base_score": "3.2", "cvss_scoring_vector": "AV:L/AC:L/Au:S/C:N/I:P/A:P", "status": "draft"}, "cwe": "CWE-552", "details": ["The VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr operations that underspecifies removing extended privilege attributes, which allows local users to cause a denial of service (capability stripping) via a failed invocation of a system call, as demonstrated by using chown to remove a capability from the ping or Wireshark dumpcap program.", "It was found that a regular user could remove xattr permissions on files by using the chown or write system calls. A local attacker could use this flaw to deny elevated permissions from valid users, services, or applications, potentially resulting in a denial of service."], "name": "CVE-2015-1350", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Will not fix", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Will not fix", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Will not fix", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Will not fix", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/a:redhat:enterprise_mrg:2", "fix_state": "Will not fix", "package_name": "realtime-kernel", "product_name": "Red Hat Enterprise MRG 2"}], "public_date": "2014-11-21T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2015-1350\nhttps://nvd.nist.gov/vuln/detail/CVE-2015-1350"], "statement": "This issue affects the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 6, 7 and MRG 2.\nThis has been rated as having Low security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata", "threat_severity": "Low"}

{}