4 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:H/Au:N/C:C/I:N/A:N
0.0004 Low
EPSS
Percentile
5.1%
The sysrq_sysctl_handler function in kernel/sysctl.c in the Linux kernel
before 2.6.39 does not require the CAP_SYS_ADMIN capability to modify the
dmesg_restrict value, which allows local users to bypass intended access
restrictions and read the kernel ring buffer by leveraging root privileges,
as demonstrated by a root user in a Linux Containers (aka LXC) environment.
Author | Note |
---|---|
tyhicks | There was some talk in the oss-sec thread about rejecting this CVE. It isn’t clear if it was rejected or not. |