UBUNTU-CVE-2015-3246

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/CVE-2015-3246

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2015/UBUNTU-CVE-2015-3246.json

JSON Data

https://api.osv.dev/v1/vulns/UBUNTU-CVE-2015-3246

Upstream

CVE-2015-3246

Published

2015-08-11T14:59:00Z

Modified

2025-09-08T16:43:22Z

Severity

Ubuntu - medium

Summary

[none]

Details

libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper program in the usermode package, directly modifies /etc/passwd, which allows local users to cause a denial of service (inconsistent file state) by causing an error during the modification. NOTE: this issue can be combined with CVE-2015-3245 to gain privileges.

References

Affected packages

Ubuntu:Pro:14.04:LTS / libuser

Package

Name: libuser
Purl: pkg:deb/ubuntu/libuser@1:0.56.9.dfsg.1-1.2ubuntu2+esm1?arch=source&distro=trusty/esm

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:0.56.9.dfsg.1-1.2ubuntu2+esm1

Affected versions

1:0.*

1:0.56.9.dfsg.1-1.2ubuntu2

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "libuser",
            "binary_version": "1:0.56.9.dfsg.1-1.2ubuntu2+esm1"
        },
        {
            "binary_name": "libuser1",
            "binary_version": "1:0.56.9.dfsg.1-1.2ubuntu2+esm1"
        },
        {
            "binary_name": "libuser1-dev",
            "binary_version": "1:0.56.9.dfsg.1-1.2ubuntu2+esm1"
        },
        {
            "binary_name": "python-libuser",
            "binary_version": "1:0.56.9.dfsg.1-1.2ubuntu2+esm1"
        }
    ],
    "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro"
}

Ubuntu:Pro:16.04:LTS / libuser

Package

Name: libuser
Purl: pkg:deb/ubuntu/libuser@1:0.60~dfsg-1.2?arch=source&distro=esm-apps/xenial

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1:0.*

1:0.60~dfsg-1.2

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "libuser",
            "binary_version": "1:0.60~dfsg-1.2"
        },
        {
            "binary_name": "libuser1",
            "binary_version": "1:0.60~dfsg-1.2"
        },
        {
            "binary_name": "libuser1-dev",
            "binary_version": "1:0.60~dfsg-1.2"
        },
        {
            "binary_name": "python-libuser",
            "binary_version": "1:0.60~dfsg-1.2"
        }
    ]
}

Ubuntu:25.04 / libuser

Package

Name: libuser
Purl: pkg:deb/ubuntu/libuser@1:0.64+git20241106~dfsg-2?arch=source&distro=plucky

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1:0.*

1:0.64~dfsg-2build2

1:0.64+git20241106~dfsg-2

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "libuser",
            "binary_version": "1:0.64+git20241106~dfsg-2"
        },
        {
            "binary_name": "libuser1",
            "binary_version": "1:0.64+git20241106~dfsg-2"
        },
        {
            "binary_name": "libuser1-dev",
            "binary_version": "1:0.64+git20241106~dfsg-2"
        },
        {
            "binary_name": "python3-libuser",
            "binary_version": "1:0.64+git20241106~dfsg-2"
        }
    ]
}