Privilege Escalation

2020-04-1001:07:38

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

JSON

kernel is vulnerable to privilege escalation. A flaw was found in the way the Linux kernel handled robust list pointers of user-space held futexes across exec() calls. A local, unprivileged user could use this flaw to cause a denial of service or, eventually, escalate their privileges.

CPENameOperatorVersion
kerneleq2.6.18__164.9.1.el5
kerneleq2.6.18__8.1.15.el5
kerneleq2.6.18__164.10.1.el5
kerneleq2.6.18__53.1.21.el5
kerneleq2.6.18__128.4.1.el5
kerneleq2.6.18__274.3.1.el5
kerneleq2.6.18__238.12.1.el5
kerneleq2.6.18__92.1.18.el5
kerneleq2.6.18__128.7.1.el5
kerneleq2.6.18__8.1.8.el5

Name	Operator	Version
kernel	eq	2.6.18__164.9.1.el5
kernel	eq	2.6.18__8.1.15.el5
kernel	eq	2.6.18__164.10.1.el5
kernel	eq	2.6.18__53.1.21.el5
kernel	eq	2.6.18__128.4.1.el5
kernel	eq	2.6.18__274.3.1.el5
kernel	eq	2.6.18__238.12.1.el5
kernel	eq	2.6.18__92.1.18.el5
kernel	eq	2.6.18__128.7.1.el5
kernel	eq	2.6.18__8.1.8.el5