SUSE-SU-2017:0375-1

Advisory lineage Upstream: 1 Downstream: 0

Upstream

CVE-2014-3215

Published: 03 Feb 2017, 07:07

Last modified:04 Feb 2026, 04:36

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

03 Feb 2017, 07:07

Published

Vulnerability first disclosed

04 Feb 2026, 04:36

Last Modified

Vulnerability information updated

Description

Security update for libcap-ng libcap-ng was updated to fix one security issue. This security issue was fixed: - CVE-2014-3215: seunshare in policycoreutils (which uses libcap-ng) is owned by root with 4755 permissions, and executes programs in a way that changes the relationship between the setuid system call and the getresuid saved set-user-ID value, which made it easier for local users to gain privileges by leveraging a program that mistakenly expected that it could permanently drop privileges (bsc#876832).

Affected Systems

suse•libcap-ng&distro=SUSE Linux Enterprise Server 11 SP4
< 0.6.3-1.9.6
suse•libcap-ng&distro=SUSE Linux Enterprise Server for SAP Applications 11 SP4
< 0.6.3-1.9.6
suse•libcap-ng&distro=SUSE Linux Enterprise Software Development Kit 11 SP4
< 0.6.3-1.9.6

SUSE-SU-2017:0375-1

Vulnerability Summary

Timeline

Description

Affected Systems

References (3)