Common Vulnerabilities and Exposures assigned an identifier CVE-2014-3215 to the following vulnerability:

Name: CVE-2014-3215
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3215
Assigned: 20140503
Reference: http://openwall.com/lists/oss-security/2014/04/29/7
Reference: http://openwall.com/lists/oss-security/2014/04/30/4
Reference: http://openwall.com/lists/oss-security/2014/05/08/1

seunshare in policycoreutils 2.2.5 is owned by root with 4755 permissions, and executes programs in a way that changes the relationship between the setuid system call and the getresuid saved set-user-ID value, which makes it easier for local users to gain privileges by leveraging a program that mistakenly expected that it could permanently drop privileges.

Note this was originally reported by Andy Lutomirski in bug #885288 (also see bug #1035427 (and its attached patch, which is for libcap-ng)).
Acknowledgements: Red Hat would like to thank Andy Lutomirski for reporting this issue.
Upstream patches for the kernel part:
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=259e5e6c75a910f3b5e656151dc602f53f9d7548
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7b0d0b40cd78cadb525df760ee4cac151533c2b5

This issue has been addressed in the following products:

Red Hat Enterprise Linux 6
Via RHSA-2015:0864 https://rhn.redhat.com/errata/RHSA-2015-0864.html
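
The description above turns on a program that calls setuid and assumes the saved set-user-ID followed. As an added example (not code from policycoreutils, libcap-ng or the kernel patches), the C program below verifies the drop with getresuid and refuses to continue if any of the three user IDs still differs from the target. The function names and the sample UID 1000 are assumptions made for illustration, and only user IDs are covered.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE            /* getresuid() is a GNU/Linux extension */
#endif
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Explicit prototype in case an earlier include already fixed feature macros. */
int getresuid(uid_t *ruid, uid_t *euid, uid_t *suid);

/* Hypothetical helper: 1 only when real, effective and saved IDs all equal target. */
int uid_drop_is_permanent(uid_t ruid, uid_t euid, uid_t suid, uid_t target)
{
    return ruid == target && euid == target && suid == target;
}

/* Hypothetical helper: setuid(target), then verify the result.
 * Returns 0 when the drop is permanent, -1 when the caller must exit. */
int setuid_checked(uid_t target)
{
    uid_t r, e, s;

    if (setuid(target) != 0)
        return -1;
    if (getresuid(&r, &e, &s) != 0)
        return -1;
    if (!uid_drop_is_permanent(r, e, s, target)) {
        fprintf(stderr, "drop incomplete: ruid=%lu euid=%lu suid=%lu\n",
                (unsigned long)r, (unsigned long)e, (unsigned long)s);
        return -1;
    }
    /* Second check: switching back to root must now be refused. */
    if (target != 0 && setuid(0) == 0)
        return -1;
    return 0;
}

int main(void)
{
    /* Constructed triple: saved set-user-ID still 0 after the "drop". */
    printf("suid left at 0 -> permanent? %d\n",
           uid_drop_is_permanent(1000, 1000, 0, 1000));
    if (setuid_checked(getuid()) != 0) {
        fputs("refusing to continue with retained privileges\n", stderr);
        return 1;
    }
    puts("all three user IDs match; continuing unprivileged");
    return 0;
}
```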