Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:14591
HistoryMay 02, 2019 - 4:54 a.m.

Authorization Bypass

2019-05-0204:54:03
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8

6.2 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:H/Au:N/C:C/I:C/A:C

JSON

kernel-rt is vulnerable to authorization bypass. A flaw was found in the way file permission checks for the /dev/cpu/[x]/msr files were performed in restricted root environments (for example, when using a capability-based security model). A local user with the ability to write to these files could use this flaw to escalate their privileges to kernel level, for example, by writing to the SYSENTER_EIP_MSR register.

Related

packetstorm 1
prion 1
ubuntucve 1
zdt 2
nessus 33
openvas 45
debiancve 1
oraclelinux 7
cve 1
centos 2
fedora 1
redhat 4
ubuntu 10
vmware 2
suse 6
securityvulns 4
altlinux 1
packetstorm
packetstorm
Linux Kernel MSR Driver Privilege Escalation
2013-08-04 00:00:00
prion
prion
Security feature bypass
2013-02-18 04:41:00
ubuntucve
ubuntucve
CVE-2013-0268
2013-02-17 00:00:00
zdt
zdt
Linux Kernel MSR Driver Privilege Escalation Vulnerability
2013-08-05 00:00:00
Linux Kernel 'MSR' Driver Local Privilege Escalation
2013-08-03 00:00:00
nessus
nessus
Oracle Linux 5 / 6 : Unbreakable Enterprise kernel Security (ELSA-2013-2512)
2013-07-12 00:00:00
Oracle Linux 5 / 6 : Unbreakable Enterprise kernel Security (ELSA-2013-2511)
2013-07-12 00:00:00
Fedora 18 : kernel-3.7.6-201.fc18 (2013-1961)
2013-02-10 00:00:00
openvas
openvas
Oracle: Security Advisory (ELSA-2013-2512)
2015-10-06 00:00:00
Oracle: Security Advisory (ELSA-2013-2511)
2015-10-06 00:00:00
CentOS Update for kernel CESA-2013:0630 centos6
2013-03-15 00:00:00
debiancve
debiancve
CVE-2013-0268
2013-02-18 04:41:00
oraclelinux
oraclelinux
Unbreakable Enterprise kernel Security update
2013-03-13 00:00:00
Unbreakable Enterprise kernel Security update
2013-03-13 00:00:00
kernel security update
2013-03-11 00:00:00
cve
cve
CVE-2013-0268
2013-02-18 04:41:00
centos
centos
kernel, perf, python security update
2013-03-13 11:49:36
kernel security update
2013-03-12 05:51:58
fedora
fedora
[SECURITY] Fedora 18 Update: kernel-3.7.6-201.fc18
2013-02-08 16:56:42
redhat
redhat
(RHSA-2013:0630) Important: kernel security and bug fix update
2013-03-12 00:00:00
(RHSA-2013:0621) Important: kernel security update
2013-03-11 00:00:00
(RHSA-2013:0622) Important: kernel-rt security and bug fix update
2013-03-11 00:00:00
ubuntu
ubuntu
Linux kernel (EC2) vulnerabilities
2013-03-22 00:00:00
Linux kernel vulnerabilities
2013-03-22 00:00:00
Linux kernel (OMAP4) vulnerabilities
2013-03-22 00:00:00
vmware
vmware
VMware vSphere, ESX and ESXi updates to third party libraries
2013-07-31 00:00:00
VMware vSphere, ESX and ESXi updates to third party libraries
2013-07-31 00:00:00
suse
suse
Security update for Linux kernel (important)
2013-04-13 01:04:40
kernel: security and bugfix update (important)
2013-03-05 18:04:24
Security update for Linux kernel (important)
2013-05-07 21:04:31
securityvulns
securityvulns
[USN-1756-1] Linux kernel vulnerabilities
2013-03-11 00:00:00
[USN-1767-1] Linux kernel vulnerabilities
2013-03-19 00:00:00
Linux kernel multiple security vulnerabilities
2013-03-19 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 7 package kernel-image-el-def version 2.6.32-alt13
2013-11-24 00:00:00

6.2 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:H/Au:N/C:C/I:C/A:C

JSON
Related for VERACODE:14591
packetstorm1prion1ubuntucve1zdt2nessus33openvas45debiancve1oraclelinux7cve1centos2fedora1redhat4ubuntu10vmware2suse6securityvulns4altlinux1