Lucene search
Ubuntu.comUB:CVE-2013-4392HistoryOct 28, 2013 - 12:00 a.m.
CVE-2013-4392
2013-10-2800:00:00
ubuntu.com
ubuntu.com
13
3.3 Low
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:M/Au:N/C:P/I:P/A:N
0.0004 Low
EPSS
Percentile
5.3%
systemd, when updating file permissions, allows local users to change the
permissions and SELinux security contexts for arbitrary files via a symlink
attack on unspecified files.
Bugs
- <https://bugzilla.redhat.com/show_bug.cgi?id=859060>
- <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357>
Notes
| Author | Note |
|---|---|
| mdeslaur | this is likely in a systemd component we donβt ship |
| sbeattie | it also is mitigated by hardlink protections |
Related
prion
prion
Code injection
2013-10-28 22:55:00
cve
cve
CVE-2013-4392
2013-10-28 22:55:00
debiancve
debiancve
CVE-2013-4392
2013-10-28 22:55:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1982
2021-07-02 18:13:58
3.3 Low
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:M/Au:N/C:P/I:P/A:N
0.0004 Low
EPSS
Percentile
5.3%
Related for UB:CVE-2013-4392