CVE-2001-0317
published 2001-05-03CVE-2001-0317: Race condition in ptrace in Linux kernel 2.4 and 2.2 allows local users to gain privileges by using ptrace to track and modify a running setuid process.
PriorityP415low3.7CVSS 2.0
AVLACHAuNCPIPAP
EXPLOIT
EPSS
0.72%
49.1th percentile
Race condition in ptrace in Linux kernel 2.4 and 2.2 allows local users to gain privileges by using ptrace to track and modify a running setuid process.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
CVSS provenance
nvdv2.03.7LOWAV:L/AC:H/Au:N/C:P/I:P/A:P
vendor_redhat3.7LOW
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Red Hat
security flaw
vendor_redhat·2001-02-08·CVSS 3.7
CVE-2001-0317 [LOW] security flaw
security flaw
Race condition in ptrace in Linux kernel 2.4 and 2.2 allows local users to gain privileges by using ptrace to track and modify a running setuid process.
GHSA
GHSA-qr7m-wxwp-4hxg: Race condition in ptrace in Linux kernel 2
ghsa_unreviewed·2022-04-30
CVE-2001-0317 [LOW] GHSA-qr7m-wxwp-4hxg: Race condition in ptrace in Linux kernel 2
Race condition in ptrace in Linux kernel 2.4 and 2.2 allows local users to gain privileges by using ptrace to track and modify a running setuid process.
No detection rules found.
Exploit-DB
Linux Kernel 2.2.18 (RedHat 6.2/7.0 / 2.2.14/2.2.18/2.2.18ow4) - ptrace/execve Race Condition Privilege Escalation (2)
exploitdb·2001-03-27
CVE-2001-0317 Linux Kernel 2.2.18 (RedHat 6.2/7.0 / 2.2.14/2.2.18/2.2.18ow4) - ptrace/execve Race Condition Privilege Escalation (2)
Linux Kernel 2.2.18 (RedHat 6.2/7.0 / 2.2.14/2.2.18/2.2.18ow4) - ptrace/execve Race Condition Privilege Escalation (2)
---
/*
source: https://www.securityfocus.com/bid/2529/info
The Linux kernel is the core of all distributions of the Linux Operating System. It was originally written by Linus Torvalds, and is maintained by a community of developers.
A problem in the Linux Kernel could make it possible for a local user to gain elevated privileges. A problem with the checking of process tracing on programs attempting to execute other programs that are setuid or setgid. It is possible to trace a process after it has entered a setuid or setgid execution state.
This makes it possible for a local user to change parts of the process as they function, and potentially gain elevated privileges.
Exploit-DB
Linux Kernel 2.2.18 (RedHat 6.2/7.0 / 2.2.14/2.2.18/2.2.18ow4) - ptrace/execve Race Condition Privilege Escalation (1)
exploitdb·2001-03-27
CVE-2001-0317 Linux Kernel 2.2.18 (RedHat 6.2/7.0 / 2.2.14/2.2.18/2.2.18ow4) - ptrace/execve Race Condition Privilege Escalation (1)
Linux Kernel 2.2.18 (RedHat 6.2/7.0 / 2.2.14/2.2.18/2.2.18ow4) - ptrace/execve Race Condition Privilege Escalation (1)
---
/*
EDB Note: Updated exploit can be found here: https://www.exploit-db.com/exploits/20721/
source: https://www.securityfocus.com/bid/2529/info
The Linux kernel is the core of all distributions of the Linux Operating System. It was originally written by Linus Torvalds, and is maintained by a community of developers.
A problem in the Linux Kernel could make it possible for a local user to gain elevated privileges. A problem with the checking of process tracing on programs attempting to execute other programs that are setuid or setgid. It is possible to trace a process after it has entered a setuid or setgid execution state.
This makes it possible for a local user t
http://archives.neohapsis.com/archives/bugtraq/2001-02/0267.htmlhttp://www.caldera.com/support/security/advisories/CSSA-2001-009.0.txthttp://www.redhat.com/support/errata/RHSA-2001-013.htmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/6080http://archives.neohapsis.com/archives/bugtraq/2001-02/0267.htmlhttp://www.caldera.com/support/security/advisories/CSSA-2001-009.0.txthttp://www.redhat.com/support/errata/RHSA-2001-013.htmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/6080
2001-05-03
Published