Home

CVE-2017-5551

Description

The simple_set_acl function in fs/posix_acl.c in the Linux kernel before 4.9.6 preserves the setgid bit during a setxattr call involving a tmpfs filesystem, which allows local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-7097.

Risk Information

Base Score
4.4
MODERATE
Vector
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
EPSS Score
Exploitation Probability
0.064

Associated Vulnerability

VulnerabilityOS Platform
Linux kernel (USN-3190-1) linux-image-generic_4.8.0.59.72_i386.debLinux
Linux kernel (USN-3190-1) linux-image-generic_4.8.0.59.72_amd64.debLinux
Linux kernel (USN-3190-1) linux-image-lowlatency_4.8.0.59.72_i386.debLinux
Linux kernel (USN-3190-1) linux-image-lowlatency_4.8.0.59.72_amd64.debLinux
Linux kernel (USN-3234-1) linux-image-4.4.0-1006-gke_4.4.0-1006.6_amd64.debLinux
Linux kernel (USN-3234-1) linux-image-4.4.0-1009-aws_4.4.0-1009.18_amd64.debLinux
Linux kernel (USN-3234-1) linux-image-4.4.0-67-generic_4.4.0-67.88_i386.debLinux
Linux kernel (USN-3234-1) linux-image-4.4.0-67-generic_4.4.0-67.88_amd64.debLinux
Linux kernel (USN-3234-1) linux-image-4.4.0-67-lowlatency_4.4.0-67.88_i386.debLinux
Linux kernel (USN-3234-1) linux-image-4.4.0-67-lowlatency_4.4.0-67.88_amd64.debLinux
Linux hardware enablement kernel from Xenial for Trusty (USN-3234-2) linux-image-4.4.0-67-generic_4.4.0-67.88~14.04.1_i386.debLinux
Linux hardware enablement kernel from Xenial for Trusty (USN-3234-2) linux-image-4.4.0-67-generic_4.4.0-67.88~14.04.1_amd64.debLinux
Linux hardware enablement kernel from Xenial for Trusty (USN-3234-2) linux-image-4.4.0-67-lowlatency_4.4.0-67.88~14.04.1_i386.debLinux
Linux hardware enablement kernel from Xenial for Trusty (USN-3234-2) linux-image-4.4.0-67-lowlatency_4.4.0-67.88~14.04.1_amd64.debLinux
Linux kernel (USN-3251-1) linux-image-generic_4.8.0.59.72_i386.debLinux
Linux kernel (USN-3251-1) linux-image-generic_4.8.0.59.72_amd64.debLinux
Linux kernel (USN-3251-1) linux-image-lowlatency_4.8.0.59.72_i386.debLinux
Linux kernel (USN-3251-1) linux-image-lowlatency_4.8.0.59.72_amd64.debLinux
Linux kernel (USN-3256-1) linux-image-generic_4.8.0.59.72_i386.debLinux
Linux kernel (USN-3256-1) linux-image-generic_4.8.0.59.72_amd64.debLinux
Linux kernel (USN-3256-1) linux-image-lowlatency_4.8.0.59.72_i386.debLinux
Linux kernel (USN-3256-1) linux-image-lowlatency_4.8.0.59.72_amd64.debLinux
Linux kernel (USN-3266-1) linux-image-generic_4.8.0.59.72_i386.debLinux
Linux kernel (USN-3266-1) linux-image-generic_4.8.0.59.72_amd64.debLinux
Linux kernel (USN-3266-1) linux-image-lowlatency_4.8.0.59.72_i386.debLinux
Linux kernel (USN-3266-1) linux-image-lowlatency_4.8.0.59.72_amd64.debLinux
Linux kernel (USN-3292-1) linux-image-generic_4.8.0.59.72_i386.debLinux
Linux kernel (USN-3292-1) linux-image-generic_4.8.0.59.72_amd64.debLinux
Linux kernel (USN-3292-1) linux-image-lowlatency_4.8.0.59.72_i386.debLinux
Linux kernel (USN-3292-1) linux-image-lowlatency_4.8.0.59.72_amd64.debLinux
Linux kernel (USN-3313-1) linux-image-generic_4.8.0.59.72_i386.debLinux
Linux kernel (USN-3313-1) linux-image-generic_4.8.0.59.72_amd64.debLinux
Linux kernel (USN-3313-1) linux-image-lowlatency_4.8.0.59.72_i386.debLinux
Linux kernel (USN-3313-1) linux-image-lowlatency_4.8.0.59.72_amd64.debLinux
Linux kernel (USN-3326-1) linux-image-generic_4.8.0.59.72_i386.debLinux
Linux kernel (USN-3326-1) linux-image-generic_4.8.0.59.72_amd64.debLinux
Linux kernel (USN-3326-1) linux-image-lowlatency_4.8.0.59.72_i386.debLinux
Linux kernel (USN-3326-1) linux-image-lowlatency_4.8.0.59.72_amd64.debLinux
Linux kernel (USN-3342-1) linux-image-generic_4.8.0.59.72_i386.debLinux
Linux kernel (USN-3342-1) linux-image-generic_4.8.0.59.72_amd64.debLinux
Linux kernel (USN-3342-1) linux-image-lowlatency_4.8.0.59.72_i386.debLinux
Linux kernel (USN-3342-1) linux-image-lowlatency_4.8.0.59.72_amd64.debLinux
Linux kernel (USN-3359-1) linux-image-generic_4.8.0.59.72_i386.debLinux
Linux kernel (USN-3359-1) linux-image-generic_4.8.0.59.72_amd64.debLinux
Linux kernel (USN-3359-1) linux-image-lowlatency_4.8.0.59.72_i386.debLinux
Linux kernel (USN-3359-1) linux-image-lowlatency_4.8.0.59.72_amd64.debLinux
Linux kernel (USN-3359-1) linux-image-4.8.0-59-generic_4.8.0-59.64_i386.debLinux
Linux kernel (USN-3359-1) linux-image-4.8.0-59-generic_4.8.0-59.64_amd64.debLinux
Linux kernel (USN-3359-1) linux-image-4.8.0-59-lowlatency_4.8.0-59.64_i386.debLinux
Linux kernel (USN-3359-1) linux-image-4.8.0-59-lowlatency_4.8.0-59.64_amd64.debLinux
Linux kernel (USN-3209-1) linux-image-generic_4.8.0.59.72_i386.debLinux
Linux kernel (USN-3209-1) linux-image-generic_4.8.0.59.72_amd64.debLinux
Linux kernel (USN-3209-1) linux-image-lowlatency_4.8.0.59.72_i386.debLinux
Linux kernel (USN-3209-1) linux-image-lowlatency_4.8.0.59.72_amd64.debLinux
Linux kernel (USN-3221-1) linux-image-generic_4.8.0.59.72_i386.debLinux
Linux kernel (USN-3221-1) linux-image-generic_4.8.0.59.72_amd64.debLinux
Linux kernel (USN-3221-1) linux-image-lowlatency_4.8.0.59.72_i386.debLinux
Linux kernel (USN-3221-1) linux-image-lowlatency_4.8.0.59.72_amd64.debLinux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234