VYPR
Medium severity5.5NVD Advisory· Published May 2, 2016· Updated Jun 17, 2026

CVE-2015-1350

CVE-2015-1350

Description

The VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr operations that underspecifies removing extended privilege attributes, which allows local users to cause a denial of service (capability stripping) via a failed invocation of a system call, as demonstrated by using chown to remove a capability from the ping or Wireshark dumpcap program.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

116

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.