Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2013-1958

Опубликовано: 24 апр. 2013
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 1.9

Описание

The scm_check_creds function in net/core/scm.c in the Linux kernel before 3.8.6 does not properly enforce capability requirements for controlling the PID value associated with a UNIX domain socket, which allows local users to bypass intended access restrictions by leveraging the time interval during which a user namespace has been created but a PID namespace has not been created.

РелизСтатусПримечание
devel

not-affected

3.8.0-17.27
hardy

not-affected

lucid

not-affected

oneiric

not-affected

precise

not-affected

quantal

not-affected

upstream

released

3.9~rc5

Показывать по

РелизСтатусПримечание
devel

DNE

hardy

DNE

lucid

DNE

oneiric

DNE

precise

not-affected

quantal

not-affected

upstream

released

3.9~rc5

Показывать по

РелизСтатусПримечание
devel

DNE

hardy

DNE

lucid

not-affected

oneiric

DNE

precise

DNE

quantal

DNE

upstream

released

3.9~rc5

Показывать по

РелизСтатусПримечание
devel

DNE

hardy

DNE

lucid

ignored

end of life
oneiric

DNE

precise

DNE

quantal

DNE

upstream

released

3.9~rc5

Показывать по

РелизСтатусПримечание
devel

ignored

abandoned
hardy

DNE

lucid

DNE

oneiric

ignored

end of life
precise

ignored

end of life
quantal

ignored

end of life
upstream

released

3.9~rc5

Показывать по

РелизСтатусПримечание
devel

ignored

abandoned
hardy

DNE

lucid

DNE

oneiric

ignored

end of life
precise

ignored

end of life
quantal

ignored

end of life
upstream

released

3.9~rc5

Показывать по

РелизСтатусПримечание
devel

ignored

abandoned
hardy

DNE

lucid

DNE

oneiric

ignored

end of life
precise

ignored

end of life
quantal

ignored

end of life
upstream

released

3.9~rc5

Показывать по

РелизСтатусПримечание
devel

DNE

hardy

DNE

lucid

ignored

end of life
oneiric

DNE

precise

DNE

quantal

DNE

upstream

released

3.9~rc5

Показывать по

РелизСтатусПримечание
devel

DNE

hardy

DNE

lucid

not-affected

oneiric

DNE

precise

DNE

quantal

DNE

upstream

released

3.9~rc5

Показывать по

РелизСтатусПримечание
devel

DNE

hardy

DNE

lucid

DNE

oneiric

DNE

precise

not-affected

quantal

DNE

upstream

released

3.9~rc5

Показывать по

РелизСтатусПримечание
devel

DNE

hardy

DNE

lucid

ignored

end of life
oneiric

DNE

precise

DNE

quantal

DNE

upstream

released

3.9~rc5

Показывать по

РелизСтатусПримечание
devel

ignored

abandoned
hardy

DNE

lucid

ignored

end of life
oneiric

ignored

end of life
precise

ignored

end of life
quantal

ignored

end of life
upstream

released

3.9~rc5

Показывать по

РелизСтатусПримечание
devel

not-affected

hardy

DNE

lucid

DNE

oneiric

not-affected

precise

not-affected

quantal

not-affected

upstream

released

3.9~rc5

Показывать по

Ссылки на источники

EPSS

Процентиль: 12%
0.00039
Низкий

1.9 Low

CVSS2

Связанные уязвимости

nvd логотип

CVE-2013-1958

nvd
почти 13 лет назад

The scm_check_creds function in net/core/scm.c in the Linux kernel before 3.8.6 does not properly enforce capability requirements for controlling the PID value associated with a UNIX domain socket, which allows local users to bypass intended access restrictions by leveraging the time interval during which a user namespace has been created but a PID namespace has not been created.

debian логотип

CVE-2013-1958

debian
почти 13 лет назад

The scm_check_creds function in net/core/scm.c in the Linux kernel bef ...

github логотип

GHSA-w7c5-wqfh-q935

github
больше 3 лет назад

The scm_check_creds function in net/core/scm.c in the Linux kernel before 3.8.6 does not properly enforce capability requirements for controlling the PID value associated with a UNIX domain socket, which allows local users to bypass intended access restrictions by leveraging the time interval during which a user namespace has been created but a PID namespace has not been created.

EPSS

Процентиль: 12%
0.00039
Низкий

1.9 Low

CVSS2