Your submission was sent successfully! Close

CVE-2013-1958

Published: 24 April 2013

The scm_check_creds function in net/core/scm.c in the Linux kernel before 3.8.6 does not properly enforce capability requirements for controlling the PID value associated with a UNIX domain socket, which allows local users to bypass intended access restrictions by leveraging the time interval during which a user namespace has been created but a PID namespace has not been created.

Priority

Medium

Status

Package Release Status
linux
Launchpad, Ubuntu, Debian
Upstream
Released (3.9~rc5)
Patches:
Introduced by 49f4d8b93ccf9454284b6f524b96c66d8d7fbccc
Fixed by 92f28d973cce45ef5823209aab3138eb45d8b349
linux-armadaxp
Launchpad, Ubuntu, Debian
Upstream
Released (3.9~rc5)
This package is not directly supported by the Ubuntu Security Team
linux-ec2
Launchpad, Ubuntu, Debian
Upstream
Released (3.9~rc5)
linux-fsl-imx51
Launchpad, Ubuntu, Debian
Upstream
Released (3.9~rc5)
linux-linaro-omap
Launchpad, Ubuntu, Debian
Upstream
Released (3.9~rc5)
linux-linaro-shared
Launchpad, Ubuntu, Debian
Upstream
Released (3.9~rc5)
linux-linaro-vexpress
Launchpad, Ubuntu, Debian
Upstream
Released (3.9~rc5)
linux-lts-backport-maverick
Launchpad, Ubuntu, Debian
Upstream
Released (3.9~rc5)
linux-lts-backport-oneiric
Launchpad, Ubuntu, Debian
Upstream
Released (3.9~rc5)
linux-lts-quantal
Launchpad, Ubuntu, Debian
Upstream
Released (3.9~rc5)
linux-mvl-dove
Launchpad, Ubuntu, Debian
Upstream
Released (3.9~rc5)
linux-qcm-msm
Launchpad, Ubuntu, Debian
Upstream
Released (3.9~rc5)
linux-ti-omap4
Launchpad, Ubuntu, Debian
Upstream
Released (3.9~rc5)