CVE-2013-1959
Published 2013-05-03
CVE-2013-1959: kernel/user_namespace.c in the Linux kernel before 3.8.9 does not have appropriate capability requirements for the uid_map and gid_map files, which allows…
Priority: P4 · 20 · low · CVSS 2.0 score 3.7
CVSS vector: AV:L/AC:H/Au:N/C:P/I:P/A:P
EXPLOIT
EPSS: 1.26% (65.8th percentile)
kernel/user_namespace.c in the Linux kernel before 3.8.9 does not have appropriate capability requirements for the uid_map and gid_map files, which allows local users to gain privileges by opening a file within an unprivileged process and then modifying the file within a privileged process.
Affected
197 ranges · showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | linux | < linux 3.8.11-1 (bookworm) | linux 3.8.11-1 (bookworm) |
| linux | linux_kernel | <= 3.8.8 | — |
| linux | linux_kernel | — | — |
CVSS provenance
nvd · v2.0 · 3.7 · LOW · AV:L/AC:H/Au:N/C:P/I:P/A:P
osv · 3.7 · LOW
vendor_debian · 3.7 · LOW
vendor_redhat · 3.7 · LOW
vendor_ubuntu · 3.7 · LOW
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2013-05-02·CVSS 3.7
CVE-2013-1959 [LOW] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the kernel.
Andy Lutomirski discovered an error in the Linux kernel's credential handling
on unix sockets. A local user could exploit this flaw to gain
administrative privileges. (CVE-2013-1979)
Andy Lutomirski discovered a privilege escalation in the Linux kernel's
user namespaces. A local user could exploit the flaw to gain administrative
privileges. (CVE-2013-1959)
Instructions: After a standard system update you need to reboot your computer to make
all the necessary changes.
Debian
CVE-2013-1959: linux - kernel/user_namespace.c in the Linux kernel before 3.8.9 does not have appropria...
vendor_debian·2013·CVSS 3.7
CVE-2013-1959 [LOW] CVE-2013-1959: linux - kernel/user_namespace.c in the Linux kernel before 3.8.9 does not have appropria...
kernel/user_namespace.c in the Linux kernel before 3.8.9 does not have appropriate capability requirements for the uid_map and gid_map files, which allows local users to gain privileges by opening a file within an unprivileged process and then modifying the file within a privileged process.
Scope: local
bookworm: resolved (fixed in 3.8.11-1)
bullseye: resolved (fixed in 3.8.11-1)
forky: resolved (fixed in 3.8.11-1)
sid: resolved (fixed in 3.8.11-1)
trixie: resolved (fixed in 3.8.11-1)
Red Hat
CVE-2013-1959: kernel/user_namespace
vendor_redhat·CVSS 3.7
CVE-2013-1959 [LOW] CVE-2013-1959: kernel/user_namespace
kernel/user_namespace.c in the Linux kernel before 3.8.9 does not have appropriate capability requirements for the uid_map and gid_map files, which allows local users to gain privileges by opening a file within an unprivileged process and then modifying the file within a privileged process.
Statement: Not vulnerable. This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 5, 6 and Red Hat Enterprise MRG 2.
GHSA
GHSA-264q-mfc4-v57c: kernel/user_namespace
ghsa_unreviewed·2022-05-17
CVE-2013-1959 [LOW] GHSA-264q-mfc4-v57c: kernel/user_namespace
kernel/user_namespace.c in the Linux kernel before 3.8.9 does not have appropriate capability requirements for the uid_map and gid_map files, which allows local users to gain privileges by opening a file within an unprivileged process and then modifying the file within a privileged process.
OSV
CVE-2013-1959: kernel/user_namespace
osv·2013-05-03·CVSS 3.7
CVE-2013-1959 [LOW] CVE-2013-1959: kernel/user_namespace
kernel/user_namespace.c in the Linux kernel before 3.8.9 does not have appropriate capability requirements for the uid_map and gid_map files, which allows local users to gain privileges by opening a file within an unprivileged process and then modifying the file within a privileged process.
No detection rules found.
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6708075f104c3c9b04b23336bb0366ca30c3931b
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e3211c120a85b792978bcb4be7b2886df18d27f0
http://www.exploit-db.com/exploits/25307
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.9
http://www.openwall.com/lists/oss-security/2013/04/29/1
https://github.com/torvalds/linux/commit/6708075f104c3c9b04b23336bb0366ca30c3931b
https://github.com/torvalds/linux/commit/e3211c120a85b792978bcb4be7b2886df18d27f0
Published: 2013-05-03