CVE-2013-4300

Published: Sep 25, 2013

Modified: Aug 6, 2024

PUBLISHED

Description

The scm_check_creds function in net/core/scm.c in the Linux kernel before 3.11 performs a capability check in an incorrect namespace, which allows local users to gain privileges via PID spoofing.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d661684cf6820331feae71146c35da83d794467e

x_refsource_CONFIRM

USN-1995-1

vendor-advisory

x_refsource_UBUNTU

https://github.com/torvalds/linux/commit/d661684cf6820331feae71146c35da83d794467e

x_refsource_CONFIRM

https://bugzilla.redhat.com/show_bug.cgi?id=1004736

x_refsource_CONFIRM

[oss-security] 20130904 Re: CVE request: Kernel PID Spoofing Privilege Escalation Vulnerability

mailing-list

x_refsource_MLIST

https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.11.bz2

x_refsource_CONFIRM

USN-1998-1

vendor-advisory

x_refsource_UBUNTU

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2013-4300

Description

Affected Products

References