Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2010-4347 — Improper Privilege Management in Kernel

CWE-269 — Improper Privilege Management7 documents6 sources

Severity

6.9MEDIUMNVD

EPSS

5.9%

top 9.35%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Linux Kernel Opensuse Suse Linux Enterprise Real Time Extension

Timeline

PublishedDec 22

Latest updateMay 13

Description

The ACPI subsystem in the Linux kernel before 2.6.36.2 uses 0222 permissions for the debugfs custom_method file, which allows local users to gain privileges by placing a custom ACPI method in the ACPI interpreter tables, related to the acpi_debugfs_init function in drivers/acpi/debugfs.c.

CVSS vector

AV:L/AC:M/C:C/I:C/A:CExploitability: 3.4 | Impact: 10.0

Affected Packages3 packages

▶NVDlinux/linux_kernel< 2.6.36.2

▶NVDsuse/linux_enterprise_real_time_extension11

▶NVDopensuse/opensuse11.3

Patches

Patch: openwall.com ↗Patch: openwall.com ↗Patch: bugzilla.redhat.com ↗

🔴Vulnerability Details

GHSA

GHSA-vpxp-m77w-89hf: The ACPI subsystem in the Linux kernel before 2↗2022-05-13

▶

CVEList

CVE-2010-4347: The ACPI subsystem in the Linux kernel before 2↗2010-12-22

▶

💥Exploits & PoCs

Exploit-DB

Linux Kernel < 2.6.37-rc2 - 'ACPI custom_method' Local Privilege Escalation↗2010-12-18

▶

📋Vendor Advisories

Red Hat

kernel: /sys/kernel/debug/acpi/custom_method can bypass module restrictions↗2011-02-22

▶

Red Hat

kernel: local privilege escalation via /sys/kernel/debug/acpi/custom_method↗2010-11-13

▶

💬Community

Bugzilla

CVE-2010-4347 kernel: local privilege escalation via /sys/kernel/debug/acpi/custom_method↗2010-12-16

▶