10 matches found
Arbitrary Code Execution
kernel-rt is vulnerable to arbitrary code execution. The vulnerability exists as it uses incorrect uid and gid values during credentials passing in the scmsetcred function...
Mandriva Linux Security Advisory : kernel (MDVSA-2013:176)
Multiple vulnerabilities has been found and corrected in the Linux kernel : The scmsetcred function in include/net/scm.h in the Linux kernel before 3.8.11 uses incorrect uid and gid values during credentials passing, which allows local users to gain privileges via a crafted application...
CVE-2013-1979
The scmsetcred function in include/net/scm.h in the Linux kernel before 3.8.11 uses incorrect uid and gid values during credentials passing, which allows local users to gain privileges via a crafted application...
Design/Logic Flaw
The scmsetcred function in include/net/scm.h in the Linux kernel before 3.8.11 uses incorrect uid and gid values during credentials passing, which allows local users to gain privileges via a crafted application...
CVE-2013-1979
The CVE-2013-1979 issue affects the Linux kernel (before 3.8.11) in the function scm_set_cred (include/net/scm.h). The root cause is incorrect uid/gid values passed during credentials handling, enabling local privilege escalation via a crafted application. The vulnerability impact is described as...
CVE-2013-1979
The scmsetcred function in include/net/scm.h in the Linux kernel before 3.8.11 uses incorrect uid and gid values during credentials passing, which allows local users to gain privileges via a crafted application...
CVE-2013-1979
The scmsetcred function in include/net/scm.h in the Linux kernel before 3.8.11 uses incorrect uid and gid values during credentials passing, which allows local users to gain privileges via a crafted application...
CVE-2013-1979
The scmsetcred function in include/net/scm.h in the Linux kernel before 3.8.11 uses incorrect uid and gid values during credentials passing, which allows local users to gain privileges via a crafted application...
UBUNTU-CVE-2013-1979
The scmsetcred function in include/net/scm.h in the Linux kernel before 3.8.11 uses incorrect uid and gid values during credentials passing, which allows local users to gain privileges via a crafted application...
kernel: af_netlink: invalid handling of SCM_CREDENTIALS passing
The Netlink implementation in the Linux kernel before 3.2.30 does not properly handle messages that lack SCMCREDENTIALS data, which might allow local users to spoof Netlink communication via a crafted message, as demonstrated by a message to 1 Avahi or 2 NetworkManager...