Amazon Linux Local Check: ALAS-2015-544

Published: 2015-09-08 11:26:35
CVE Author: NIST National Vulnerability Database

Technical Details:
A flaw was found in the way seunshare, a utility for running executables under a different security context, used the capng_lock functionality of the libcap-ng library. The subsequent invocation of suid root binaries that relied on the fact that the setuid() system call, among others, also sets the saved set-user-ID when dropping the binaries' process privileges, could allow a local, unprivileged user to potentially escalate their privileges on the system.

Recommendations:
Run "yum clean all" followed by "yum update kernel" to update your system. You will need to reboot the system for the new kernel to take effect.

Solution Type:
Vendor Patch

CVSS Base Vector:
AV:L/AC:M/Au:N/C:C/I:C/A:C

Detection Type:
Linux Distribution Package

Summary:
Amazon Linux Local Security Checks

NIST (National Institute of Standards and Technology) NVD (National Vulnerability Database)

https://nvd.nist.gov/vuln/detail/CVE-2014-3215

CVE Analysis

https://www.mageni.net/cve/CVE-2014-3215

References:

https://alas.aws.amazon.com/ALAS-2015-544.html

Severity: Medium
CVSS Score: 6.9
Published: 2015-09-08
Modified: 2018-10-01
Category: Amazon Linux Local Security Checks
