CVE-2013-2207: pt_chown in GNU C Library (aka glibc or libc6) before 2.18 does not properly check permissions for tty files, which allows local users to change the permission…

low2.6CVSS 3.1

AVLACHAuNCPIPAN

pt_chown in GNU C Library (aka glibc or libc6) before 2.18 does not properly check permissions for tty files, which allows local users to change the permission on the files and obtain access to arbitrary pseudo-terminals by leveraging a FUSE file system.

Affected

35 ranges· showing 25

Vendor	Product	Version range	Fixed in
debian	glibc	< glibc 2.21-1 (bookworm)	glibc 2.21-1 (bookworm)
eglibc	eglibc	>= 0 < 2.19-0ubuntu6.8	2.19-0ubuntu6.8
eglibc	eglibc	>= 0 < 2.19-0ubuntu6.9	2.19-0ubuntu6.9
fedoraproject	fedora	—	—
fedoraproject	fedora	—	—
gnu	glibc	<= 2.17	—
gnu	glibc	—	—
gnu	glibc	—	—
gnu	glibc	—	—
gnu	glibc	—	—
gnu	glibc	—	—
gnu	glibc	—	—
gnu	glibc	—	—
gnu	glibc	—	—
gnu	glibc	—	—
gnu	glibc	—	—
gnu	glibc	—	—
gnu	glibc	—	—
gnu	glibc	—	—
gnu	glibc	—	—
gnu	glibc	—	—
gnu	glibc	—	—
gnu	glibc	—	—
gnu	glibc	—	—
gnu	glibc	—	—

CVSS provenance

nvd2.6LOWAV:L/AC:H/Au:N/C:P/I:P/A:N

osv2.6LOW