usb-creator before 0.2.38.3ubuntu0.1 on Ubuntu 12.04 LTS, before 0.2.56.3ubuntu0.1 on Ubuntu 14.04 LTS, before 0.2.62ubuntu0.3 on Ubuntu 14.10, and before 0.2.67ubuntu0.1 on Ubuntu 15.04 allows local users to gain privileges by leveraging a missing call check_polkit for the KVMTest method.
References
Link | Resource |
---|---|
http://www.openwall.com/lists/oss-security/2015/04/22/12 | Mailing List Third Party Advisory |
http://www.openwall.com/lists/oss-security/2015/05/04/3 | Mailing List Third Party Advisory |
http://www.securityfocus.com/bid/74304 | Third Party Advisory VDB Entry |
https://bazaar.launchpad.net/~usb-creator-hackers/usb-creator/trunk/revision/470 | Third Party Advisory |
https://usn.ubuntu.com/usn/usn-2576-1/ | Third Party Advisory |
https://usn.ubuntu.com/usn/usn-2576-2/ | Third Party Advisory |
https://www.exploit-db.com/exploits/36820/ | Exploit Third Party Advisory VDB Entry |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2017-09-27T15:00:00
Updated: 2017-09-27T14:57:01
Reserved: 2015-05-04T00:00:00
Link: CVE-2015-3643
JSON object: View
NVD Information
Status : Analyzed
Published: 2017-09-28T01:29:00.590
Modified: 2017-10-11T18:36:57.990
Link: CVE-2015-3643
JSON object: View
Redhat Information
No data.
CWE