Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2013-3301

Опубликовано: 11 апр. 2013
Источник: redhat
CVSS2: 4.4
EPSS Низкий

Описание

The ftrace implementation in the Linux kernel before 3.8.8 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging the CAP_SYS_ADMIN capability for write access to the (1) set_ftrace_pid or (2) set_graph_function file, and then making an lseek system call.

Отчет

This issue does not affect the version of the kernel package as shipped with Red Hat Enterprise Linux 5. This issue affects the versions of Linux kernel as shipped with Red Hat Enterprise Linux 6 and Red Hat Enterprise MRG 2. Future kernel updates for Red Hat Enterprise Linux 6 and Red Hat Enterprise MRG 2 may address this issue.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5kernelNot affected
OpenStack 3 for RHEL 6kernelFixedRHSA-2013:108016.07.2013
Red Hat Enterprise Linux 6kernelFixedRHSA-2013:105116.07.2013
Red Hat Enterprise MRG 2kernel-rtFixedRHSA-2013:126416.09.2013

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-476
https://bugzilla.redhat.com/show_bug.cgi?id=952197Kernel: tracing: NULL pointer dereference

EPSS

Процентиль: 58%
0.00373
Низкий

4.4 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2013-3301

ubuntu
больше 12 лет назад

The ftrace implementation in the Linux kernel before 3.8.8 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging the CAP_SYS_ADMIN capability for write access to the (1) set_ftrace_pid or (2) set_graph_function file, and then making an lseek system call.

nvd логотип

CVE-2013-3301

nvd
больше 12 лет назад

The ftrace implementation in the Linux kernel before 3.8.8 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging the CAP_SYS_ADMIN capability for write access to the (1) set_ftrace_pid or (2) set_graph_function file, and then making an lseek system call.

debian логотип

CVE-2013-3301

debian
больше 12 лет назад

The ftrace implementation in the Linux kernel before 3.8.8 allows loca ...

github логотип

GHSA-c2pp-ff3q-qvxc

github
около 3 лет назад

The ftrace implementation in the Linux kernel before 3.8.8 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging the CAP_SYS_ADMIN capability for write access to the (1) set_ftrace_pid or (2) set_graph_function file, and then making an lseek system call.

oracle-oval логотип

ELSA-2013-2538

oracle-oval
около 12 лет назад

ELSA-2013-2538: unbreakable enterprise kernel security update (MODERATE)

EPSS

Процентиль: 58%
0.00373
Низкий

4.4 Medium

CVSS2