Lucene search
Ubuntu.comUB:CVE-2013-1959HistoryApr 26, 2013 - 12:00 a.m.
CVE-2013-1959
2013-04-2600:00:00
ubuntu.com
ubuntu.com
10
3.7 Low
CVSS2
Access Vector
LOCAL
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:H/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
25.2%
kernel/user_namespace.c in the Linux kernel before 3.8.9 does not have
appropriate capability requirements for the uid_map and gid_map files,
which allows local users to gain privileges by opening a file within an
unprivileged process and then modifying the file within a privileged
process.
Bugs
Notes
| Author | Note |
|---|---|
| jj | break commit 771b1371686e0a63e938ada28de020b9a0040f55 is the commit where user namespaces where enabled, and may not be the actual commit that causes the specific breakage, but they where not available to cause the CVE before this commit. |
Related
zdt
zdt
Linux Kernel Capability file_ns_capable() - Privilege Escalation
2013-05-08 00:00:00
redhatcve
redhatcve
CVE-2013-1959
2015-10-30 10:15:03
prion
prion
Design/Logic Flaw
2013-05-03 11:57:00
cve
cve
CVE-2013-1959
2013-05-03 11:57:00
debiancve
debiancve
CVE-2013-1959
2013-05-03 11:57:00
openvas
openvas
Ubuntu Update for linux USN-1815-1
2013-06-14 00:00:00
Ubuntu: Security Advisory (USN-1815-1)
2013-06-14 00:00:00
securityvulns
securityvulns
[USN-1815-1] Linux kernel vulnerabilities
2013-05-04 00:00:00
Linux kernel multiple security vulnerabilities
2013-05-27 00:00:00
nessus
nessus
Ubuntu 13.04 : linux vulnerabilities (USN-1815-1)
2013-05-03 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2013-05-02 00:00:00
3.7 Low
CVSS2
Access Vector
LOCAL
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:H/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
25.2%
Related for UB:CVE-2013-1959