6.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
9.9%
Race condition in the ptrace_attach function in kernel/ptrace.c in the
Linux kernel before 2.6.30-rc4 allows local users to gain privileges via a
PTRACE_ATTACH ptrace call during an exec system call that is launching a
setuid application, related to locking an incorrect cred_exec_mutex object.
Author | Note |
---|---|
kees | only affected 2.6.29 |