A race condition flaw was found in the way the Linux kernel's IPC subsystem initialized certain fields in an IPC object structure that were later used for permission checking before inserting the object into a globally visible list. A local, unprivileged user could potentially use this flaw to elevate their privileges on the system.
Platform | Package | Release Date | Advisory |
---|---|---|---|
Amazon Linux 1 | kernel | 2015-10-27 13:40 | ALAS-2015-603 |
Score Type | Score | Vector | |
---|---|---|---|
Amazon Linux | CVSSv2 | 6.2 | AV:L/AC:H/Au:N/C:C/I:C/A:C |
NVD | CVSSv2 | 6.9 | AV:L/AC:M/Au:N/C:C/I:C/A:C |