Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2013-1060

Опубликовано: 25 сент. 2013
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 6.9

Описание

A certain Ubuntu build procedure for perf, as distributed in the Linux kernel packages in Ubuntu 10.04 LTS, 12.04 LTS, 12.10, 13.04, and 13.10, sets the HOME environment variable to the ~buildd directory and consequently reads the system configuration file from the ~buildd directory, which allows local users to gain privileges by leveraging control over the buildd account.

РелизСтатусПримечание
artful

not-affected

4.13.0-11.12
devel

not-affected

4.13.0-16.19
esm-infra-legacy/trusty

not-affected

3.11.0-12.19
esm-infra/xenial

not-affected

4.2.0-16.19
lucid

released

2.6.32-51.113
precise

released

3.2.0-53.81
precise/esm

released

3.2.0-53.81
quantal

released

3.5.0-40.62
raring

released

3.8.0-30.44
saucy

not-affected

3.11.0-1.4

Показывать по

РелизСтатусПримечание
artful

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

lucid

DNE

precise

released

3.2.0-1624.36
precise/esm

DNE

precise was released [3.2.0-1624.36]
quantal

released

3.5.0-1621.29
raring

DNE

saucy

DNE

trusty

DNE

Показывать по

РелизСтатусПримечание
artful

DNE

devel

not-affected

4.15.0-1001.1
esm-infra-legacy/trusty

not-affected

4.4.0-1002.2
esm-infra/xenial

not-affected

4.4.0-1001.10
precise

DNE

precise/esm

DNE

trusty

not-affected

4.4.0-1002.2
trusty/esm

not-affected

4.4.0-1002.2
upstream

not-affected

Ubuntu specific CVE
vivid/stable-phone-overlay

DNE

Показывать по

РелизСтатусПримечание
artful

DNE

devel

not-affected

4.15.0-1002.2
esm-infra-legacy/trusty

not-affected

4.15.0-1023.24~14.04.1
esm-infra/xenial

not-affected

4.11.0-1009.9
precise/esm

DNE

trusty

not-affected

4.15.0-1023.24~14.04.1
trusty/esm

not-affected

4.15.0-1023.24~14.04.1
upstream

not-affected

Ubuntu specific CVE
xenial

not-affected

4.11.0-1009.9

Показывать по

РелизСтатусПримечание
artful

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

lucid

released

2.6.32-356.69
precise

DNE

precise/esm

DNE

quantal

DNE

raring

DNE

saucy

DNE

trusty

DNE

Показывать по

РелизСтатусПримечание
artful

DNE

devel

DNE

esm-apps/xenial

DNE

esm-infra-legacy/trusty

DNE

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

not-affected

Ubuntu specific CVE
xenial

not-affected

4.4.0-9019.20

Показывать по

РелизСтатусПримечание
artful

DNE

devel

DNE

esm-apps/xenial

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was ignored [end of life, was needed]
lucid

DNE

precise

DNE

precise/esm

DNE

quantal

DNE

saucy

DNE

trusty

ignored

end of standard support, was needed

Показывать по

РелизСтатусПримечание
artful

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

lucid

ignored

end of life
precise

DNE

precise/esm

DNE

quantal

DNE

raring

DNE

saucy

DNE

trusty

DNE

Показывать по

РелизСтатусПримечание
artful

DNE

devel

not-affected

4.15.0-1001.1
esm-infra-legacy/trusty

DNE

esm-infra/xenial

not-affected

4.10.0-1004.4
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

not-affected

Ubuntu specific CVE
xenial

not-affected

4.10.0-1004.4

Показывать по

РелизСтатусПримечание
artful

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

precise

DNE

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

not-affected

Ubuntu specific CVE
vivid/stable-phone-overlay

DNE

vivid/ubuntu-core

DNE

Показывать по

РелизСтатусПримечание
artful

DNE

devel

DNE

esm-apps/xenial

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was ignored [end of life, was needed]
lucid

DNE

precise

DNE

precise/esm

DNE

quantal

DNE

saucy

ignored

trusty

ignored

end of standard support, was needed

Показывать по

РелизСтатусПримечание
artful

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [abandoned]]
lucid

DNE

precise

DNE

precise/esm

DNE

quantal

DNE

saucy

ignored

trusty

ignored

end of standard support
trusty/esm

DNE

trusty was ignored [abandoned]

Показывать по

РелизСтатусПримечание
artful

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

esm-infra/xenial

not-affected

4.8.0-36.36~16.04.1
precise

DNE

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

not-affected

Ubuntu specific CVE
vivid/stable-phone-overlay

DNE

Показывать по

РелизСтатусПримечание
artful

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

esm-infra/xenial

not-affected

4.8.0-36.36~16.04.1
precise

DNE

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

not-affected

Ubuntu specific CVE
vivid/stable-phone-overlay

DNE

Показывать по

РелизСтатусПримечание
artful

DNE

devel

not-affected

4.15.0-1002.2
esm-infra-legacy/trusty

DNE

esm-infra/xenial

not-affected

4.4.0-1004.9
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

not-affected

Ubuntu specific CVE
xenial

not-affected

4.4.0-1004.9

Показывать по

РелизСтатусПримечание
artful

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

lucid

DNE

precise

ignored

end of life
precise/esm

DNE

precise was ignored [abandoned]
quantal

ignored

end of life
raring

DNE

saucy

DNE

trusty

DNE

Показывать по

РелизСтатусПримечание
artful

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

lucid

DNE

precise

ignored

end of life
precise/esm

DNE

precise was ignored [abandoned]
quantal

ignored

end of life
raring

DNE

saucy

DNE

trusty

DNE

Показывать по

РелизСтатусПримечание
artful

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

lucid

DNE

precise

ignored

end of life
precise/esm

DNE

precise was ignored [abandoned]
quantal

ignored

end of life
raring

DNE

saucy

DNE

trusty

DNE

Показывать по

РелизСтатусПримечание
artful

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

lucid

DNE

precise

released

3.5.0-40.62~precise1
precise/esm

DNE

precise was released [3.5.0-40.62~precise1]
quantal

DNE

raring

DNE

saucy

DNE

trusty

DNE

Показывать по

РелизСтатусПримечание
artful

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

lucid

DNE

precise

released

3.8.0-30.44~precise1
precise/esm

DNE

precise was released [3.8.0-30.44~precise1]
quantal

DNE

raring

DNE

saucy

DNE

trusty

DNE

Показывать по

РелизСтатусПримечание
artful

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

lucid

DNE

precise

not-affected

3.13.0-24.46~precise1
precise/esm

not-affected

3.13.0-24.46~precise1
saucy

DNE

trusty

DNE

trusty/esm

DNE

upstream

not-affected

Ubuntu specific CVE

Показывать по

РелизСтатусПримечание
artful

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was not-affected [3.16.0-25.33~14.04.2]]
lucid

DNE

precise

DNE

precise/esm

DNE

trusty

not-affected

3.16.0-25.33~14.04.2
trusty/esm

DNE

trusty was not-affected [3.16.0-25.33~14.04.2]
upstream

not-affected

Ubuntu specific CVE
utopic

DNE

Показывать по

РелизСтатусПримечание
artful

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was not-affected [3.19.0-18.18~14.04.1]]
lucid

DNE

precise

DNE

precise/esm

DNE

trusty

not-affected

3.19.0-18.18~14.04.1
trusty/esm

DNE

trusty was not-affected [3.19.0-18.18~14.04.1]
upstream

not-affected

Ubuntu specific CVE
utopic

DNE

Показывать по

РелизСтатусПримечание
artful

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was not-affected [4.2.0-18.22~14.04.1]]
precise

DNE

precise/esm

DNE

trusty

not-affected

4.2.0-18.22~14.04.1
trusty/esm

DNE

trusty was not-affected [4.2.0-18.22~14.04.1]
upstream

not-affected

Ubuntu specific CVE
vivid

DNE

vivid/stable-phone-overlay

DNE

Показывать по

РелизСтатусПримечание
artful

DNE

devel

DNE

esm-infra-legacy/trusty

not-affected

4.4.0-13.29~14.04.1
precise

DNE

precise/esm

DNE

trusty

not-affected

4.4.0-13.29~14.04.1
trusty/esm

not-affected

4.4.0-13.29~14.04.1
upstream

not-affected

Ubuntu specific CVE
vivid

DNE

vivid/stable-phone-overlay

DNE

Показывать по

РелизСтатусПримечание
artful

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [abandoned]]
lucid

DNE

precise

DNE

precise/esm

DNE

quantal

DNE

saucy

ignored

trusty

ignored

end of standard support
trusty/esm

DNE

trusty was ignored [abandoned]

Показывать по

РелизСтатусПримечание
artful

DNE

devel

DNE

esm-apps/xenial

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was ignored [end of life, was needed]
lucid

DNE

precise

DNE

precise/esm

DNE

quantal

DNE

saucy

ignored

trusty

ignored

end of standard support, was needed

Показывать по

РелизСтатусПримечание
artful

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was ignored [end of life, was needed]
lucid

DNE

precise

DNE

precise/esm

DNE

quantal

DNE

saucy

ignored

trusty

ignored

end of standard support, was needed
trusty/esm

ignored

end of life, was needed

Показывать по

РелизСтатусПримечание
artful

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

lucid

ignored

end of life
precise

DNE

precise/esm

DNE

quantal

DNE

raring

DNE

saucy

DNE

trusty

DNE

Показывать по

РелизСтатусПримечание
artful

DNE

devel

not-affected

4.15.0-1001.2
esm-infra-legacy/trusty

DNE

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

not-affected

Ubuntu specific CVE
xenial

not-affected

4.13.0-1008.9

Показывать по

РелизСтатусПримечание
artful

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

lucid

ignored

end of life
precise

ignored

end of life
precise/esm

DNE

precise was ignored [abandoned]
quantal

ignored

end of life
raring

DNE

saucy

DNE

trusty

DNE

Показывать по

РелизСтатусПримечание
artful

not-affected

4.10.0-1004.6
devel

not-affected

4.13.0-1005.5
esm-infra-legacy/trusty

DNE

precise

DNE

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

not-affected

Ubuntu specific CVE
vivid

DNE

vivid/stable-phone-overlay

DNE

Показывать по

РелизСтатусПримечание
artful

not-affected

4.4.0-1050.54
devel

DNE

esm-infra-legacy/trusty

DNE

precise

DNE

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

not-affected

Ubuntu specific CVE
vivid/stable-phone-overlay

DNE

vivid/ubuntu-core

DNE

Показывать по

РелизСтатусПримечание
artful

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

lucid

DNE

precise

released

3.2.0-1437.56
precise/esm

DNE

precise was released [3.2.0-1437.56]
quantal

released

3.5.0-232.48
raring

released

3.5.0-232.48
saucy

not-affected

3.5.0-232.48
trusty

DNE

Показывать по

Ссылки на источники

EPSS

Процентиль: 16%
0.0005
Низкий

6.9 Medium

CVSS2

Связанные уязвимости

nvd логотип

CVE-2013-1060

nvd
больше 12 лет назад

A certain Ubuntu build procedure for perf, as distributed in the Linux kernel packages in Ubuntu 10.04 LTS, 12.04 LTS, 12.10, 13.04, and 13.10, sets the HOME environment variable to the ~buildd directory and consequently reads the system configuration file from the ~buildd directory, which allows local users to gain privileges by leveraging control over the buildd account.

github логотип

GHSA-cw67-f6h6-2gmf

github
больше 3 лет назад

A certain Ubuntu build procedure for perf, as distributed in the Linux kernel packages in Ubuntu 10.04 LTS, 12.04 LTS, 12.10, 13.04, and 13.10, sets the HOME environment variable to the ~buildd directory and consequently reads the system configuration file from the ~buildd directory, which allows local users to gain privileges by leveraging control over the buildd account.

EPSS

Процентиль: 16%
0.0005
Низкий

6.9 Medium

CVSS2

Уязвимость CVE-2013-1060