CVE-2013-3301

2013-04-2914:55:04

[email protected]

web.nvd.nist.gov

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

5.8

Confidence

High

EPSS

0.001

Percentile

26.5%

JSON

The ftrace implementation in the Linux kernel before 3.8.8 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging the CAP_SYS_ADMIN capability for write access to the (1) set_ftrace_pid or (2) set_graph_function file, and then making an lseek system call.

Affected configurations

Nvd

Node

linuxlinux_kernelRange3.1–3.2.44

linuxlinux_kernelRange3.3–3.4.49

linuxlinux_kernelRange3.5–3.8.8

Node

redhatenterprise_linuxMatch6.0

redhatenterprise_mrgMatch2.0

Node

suselinux_enterprise_desktopMatch11sp3

suselinux_enterprise_high_availability_extensionMatch11sp3

suselinux_enterprise_serverMatch11sp3-

suselinux_enterprise_serverMatch11sp3vmware

VendorProductVersionCPE
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
redhatenterprise_linux6.0cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
redhatenterprise_mrg2.0cpe:2.3:o:redhat:enterprise_mrg:2.0:*:*:*:*:*:*:*
suselinux_enterprise_desktop11cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*
suselinux_enterprise_high_availability_extension11cpe:2.3:o:suse:linux_enterprise_high_availability_extension:11:sp3:*:*:*:*:*:*
suselinux_enterprise_server11cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:-:*:*
suselinux_enterprise_server11cpe:2.3:o:suse:linux_enterprise_server:11:sp3:vmware:*:*:*:*:*

Vendor	Product	Version	CPE
linux	linux_kernel	*	cpe:2.3:o:linux:linux_kernel::::::::
redhat	enterprise_linux	6.0	cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
redhat	enterprise_mrg	2.0	cpe:2.3:o:redhat:enterprise_mrg:2.0:::::::*
suse	linux_enterprise_desktop	11	cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3::::::
suse	linux_enterprise_high_availability_extension	11	cpe:2.3:o:suse:linux_enterprise_high_availability_extension:11:sp3::::::
suse	linux_enterprise_server	11	cpe:2.3:o:suse:linux_enterprise_server:11:sp3::::-::*
suse	linux_enterprise_server	11	cpe:2.3:o:suse:linux_enterprise_server:11:sp3:vmware:::::*