Vulnerabilities > CVE-2015-3170 - 7PK - Security Features vulnerability in Selinux Project Selinux
Attack vector
LOCAL Attack complexity
LOW Privileges required
LOW Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
selinux-policy when sysctl fs.protected_hardlinks are set to 0 allows local users to cause a denial of service (SSH login prevention) by creating a hardlink to /etc/passwd from a directory named .config, and updating selinux-policy.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 1 |