Lucene search

K

[email protected]CVE-2013-1827

HistoryMar 22, 2013 - 11:59 a.m.

CVE-2013-1827

2013-03-2211:59:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

46

linux

kernel

cve

2013

1827

privilege escalation

nvd

security

vulnerability

7.2 High

AI Score

Confidence

High

6.2 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:H/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.2%

net/dccp/ccid.h in the Linux kernel before 3.5.4 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) by leveraging the CAP_NET_ADMIN capability for a certain (1) sender or (2) receiver getsockopt call.

CPENameOperatorVersion
linux:linux_kernellinux linux kerneleq3.5.2
linux:linux_kernellinux linux kernelle3.5.3
linux:linux_kernellinux linux kerneleq3.5.1

References

git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=276bdb82dedb290511467a5a4fdbe9f0b52dce6f

rhn.redhat.com/errata/RHSA-2013-0744.html

www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.5.4

www.openwall.com/lists/oss-security/2013/03/07/2

bugzilla.redhat.com/show_bug.cgi?id=919164

github.com/torvalds/linux/commit/276bdb82dedb290511467a5a4fdbe9f0b52dce6f

7.2 High

AI Score

Confidence

High

6.2 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:H/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.2%

Related for CVE-2013-1827

ubuntucve1 debiancve1 prion1 ubuntu7 openvas17 nessus9 oraclelinux3 redhat1 centos1 altlinux1 suse1