vulnerability

Oracle Linux: CVE-2016-7097: ELSA-2017-1842: kernel security, bug fix, and enhancement update (IMPORTANT) (Multiple Advisories)

Severity
3
CVSS
(AV:L/AC:L/Au:S/C:P/I:P/A:N)
Published
May 26, 2016
Added
Mar 28, 2017
Modified
Jan 23, 2025

Description

The filesystem implementation in the Linux kernel through 4.8.2 preserves the setgid bit during a setxattr call, which allows local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions.
It was found that when file permissions were modified via chmod and the user modifying them was not in the owning group or capable of CAP_FSETID, the setgid bit would be cleared. Setting a POSIX ACL via setxattr sets the file permissions as well as the new ACL, but doesn't clear the setgid bit in a similar way. This could allow a local user to gain group privileges via certain setgid applications.

Solution(s)

oracle-linux-upgrade-kerneloracle-linux-upgrade-kernel-uek
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.