Unrated severityNVD Advisory· Published Aug 11, 2015· Updated May 6, 2026
CVE-2015-3246
CVE-2015-3246
Description
libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper program in the usermode package, directly modifies /etc/passwd, which allows local users to cause a denial of service (inconsistent file state) by causing an error during the modification. NOTE: this issue can be combined with CVE-2015-3245 to gain privileges.
Affected products
7cpe:2.3:a:redhat:libuser:*:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:redhat:libuser:*:*:*:*:*:*:*:*range: <=0.56.13-5
- cpe:2.3:a:redhat:libuser:0.60-1:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:libuser:0.60-2:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:libuser:0.60-3:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:libuser:0.60-4:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:libuser:0.60-5:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:libuser:0.60-6:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
10- www.qualys.com/2015/07/23/cve-2015-3245-cve-2015-3246/cve-2015-3245-cve-2015-3246.txtnvdExploit
- lists.fedoraproject.org/pipermail/package-announce/2015-August/163044.htmlnvd
- lists.fedoraproject.org/pipermail/package-announce/2015-July/162947.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2015-08/msg00000.htmlnvd
- rhn.redhat.com/errata/RHSA-2015-1482.htmlnvd
- rhn.redhat.com/errata/RHSA-2015-1483.htmlnvd
- www.securityfocus.com/bid/76022nvd
- www.securitytracker.com/id/1033040nvd
- access.redhat.com/articles/1537873nvd
- www.exploit-db.com/exploits/44633/nvd
News mentions
0No linked articles in our index yet.