Veracode Vulnerability DatabaseVERACODE:14580Denial Of Service (DoS)
4 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:H/Au:N/C:N/I:N/A:C
kernel-rt is vulnerable to denial of service. A flaw was found in the way file permission checks for the /dev/kmsg file were performed in restricted root environments (for example, when using a capability-based security model). A local user able to write to this file could cause a denial of service.
References
lists.opensuse.org/opensuse-security-announce/2013-07/msg00018.html
www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.33
www.openwall.com/lists/oss-security/2013/02/26/9
access.redhat.com/knowledge/docs/en-US/Red_Hat_Enterprise_MRG/2/html/Technical_Notes/RHSA-2013-0566.html
access.redhat.com/security/updates/classification/#important
bugzilla.redhat.com/show_bug.cgi?id=773017
bugzilla.redhat.com/show_bug.cgi?id=866596
bugzilla.redhat.com/show_bug.cgi?id=866600
bugzilla.redhat.com/show_bug.cgi?id=916075
github.com/torvalds/linux/commit/ce0030c00f95cf9110d9cdcd41e901e1fb814417
rhn.redhat.com/errata/RHSA-2012-0333.html
rhn.redhat.com/errata/RHSA-2013-0566.html
Related
4 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:H/Au:N/C:N/I:N/A:C