DEBIAN-CVE-2015-3246

See a problem?
Please try reporting it to the source first.
Source
https://security-tracker.debian.org/tracker/DEBIAN-CVE-2015-3246
Import Source
https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2015-3246.json
JSON Data
https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2015-3246
Published
2015-08-11T14:59:07Z
Modified
2025-09-19T06:06:36Z
Summary
[none]
Details

libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper program in the usermode package, directly modifies /etc/passwd, which allows local users to cause a denial of service (inconsistent file state) by causing an error during the modification. NOTE: this issue can be combined with CVE-2015-3245 to gain privileges.

References

Affected packages

Debian:11 / libuser

Package

Name
libuser
Purl
pkg:deb/debian/libuser?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:0.62~dfsg-0.1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:12 / libuser

Package

Name
libuser
Purl
pkg:deb/debian/libuser?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:0.62~dfsg-0.1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:13 / libuser

Package

Name
libuser
Purl
pkg:deb/debian/libuser?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:0.62~dfsg-0.1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:14 / libuser

Package

Name
libuser
Purl
pkg:deb/debian/libuser?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:0.62~dfsg-0.1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}