PT-2013-3492 · Linux · Linux Kernel
Andy Lutomirski
·
Publicado
2013-04-26
·
Atualizado
2023-02-13
·
CVE-2013-1959
CVSS v2.0
3.7
Baixa
| Vetor | AV:L/AC:H/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 3.8.9
Description
The issue concerns a lack of appropriate capability requirements for the
uid map and gid map files in the Linux kernel. This allows local users to potentially gain privileges by opening a file within an unprivileged process and then modifying the file within a privileged process.Recommendations
For Linux kernel versions prior to 3.8.9, update to version 3.8.9 or later to resolve the issue.
Exploit
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Linux Kernel