{
  "threat_severity" : "Moderate",
  "public_date" : "2015-04-20T00:00:00Z",
  "bugzilla" : {
    "description" : "kernel: race condition between chown() and execve()",
    "id" : "1214030",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1214030"
  },
  "cvss" : {
    "cvss_base_score" : "6.2",
    "cvss_scoring_vector" : "AV:L/AC:H/Au:N/C:C/I:C/A:C",
    "status" : "verified"
  },
  "cwe" : "CWE-362",
  "details" : [ "Race condition in the prepare_binprm function in fs/exec.c in the Linux kernel before 3.19.6 allows local users to gain privileges by executing a setuid program at a time instant when a chown to root is in progress, and the ownership is changed but the setuid bit is not yet stripped.", "A race condition flaw was found between the chown and execve system calls. When changing the owner of a setuid user binary to root, the race condition could momentarily make the binary setuid root. A local, unprivileged user could potentially use this flaw to escalate their privileges on the system." ],
  "statement" : "This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 5 and 7 and MRG-2. This issue is not currently planned to be addressed in future Red Hat Enterprise Linux 5 kernel updates.  Future Linux kernel updates for other releases may address this issue.\nFor additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 6",
    "release_date" : "2015-07-20T00:00:00Z",
    "advisory" : "RHSA-2015:1272",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6",
    "package" : "kernel-0:2.6.32-573.el6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2015-11-19T00:00:00Z",
    "advisory" : "RHSA-2015:2411",
    "cpe" : "cpe:/a:redhat:rhel_extras_rt:7",
    "package" : "kernel-rt-0:3.10.0-327.rt56.204.el7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2015-11-19T00:00:00Z",
    "advisory" : "RHSA-2015:2152",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7",
    "package" : "kernel-0:3.10.0-327.el7"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 5",
    "fix_state" : "Will not fix",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5"
  }, {
    "product_name" : "Red Hat Enterprise MRG 2",
    "fix_state" : "Affected",
    "package_name" : "realtime-kernel",
    "cpe" : "cpe:/a:redhat:enterprise_mrg:2"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2015-3339\nhttps://nvd.nist.gov/vuln/detail/CVE-2015-3339" ],
  "name" : "CVE-2015-3339",
  "csaw" : false
}