CVE-2019-13272
published 2019-07-17CVE-2019-13272: In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace…
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
KEVITWEXPLOIT
CISA Known Exploited Vulnerabilitydue 2022-06-10
Exploited in the wild
In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process relationship, where a parent drops privileges and calls execve (potentially allowing control by an attacker). One contributing factor is an object lifetime issue (which can also cause a panic). Another contributing factor is incorrect marking of a ptrace relationship as privileged, which is exploitable through (for example) Polkit's pkexec helper with PTRACE_TRACEME. NOTE: SELinux deny_ptrace might be a usable workaround in some environments.
Affected
37 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | linux | < linux 4.19.37-6 (bookworm) | linux 4.19.37-6 (bookworm) |
| fedoraproject | fedora | — | — |
| linux | linux_kernel | >= 0 < 4.19.37-6 | 4.19.37-6 |
| linux | linux_kernel | >= 0 < 4.19.37-6 | 4.19.37-6 |
| linux | linux_kernel | >= 0 < 4.19.37-6 | 4.19.37-6 |
| linux | linux_kernel | >= 0 < 4.19.37-6 | 4.19.37-6 |
| linux | linux_kernel | >= 0 < 4.4.0-159.187 | 4.4.0-159.187 |
| linux | linux_kernel | >= 0 < 4.15.0-58.64 | 4.15.0-58.64 |
| linux | linux_kernel | >= 3.16.52 < 3.16.71 | 3.16.71 |
| linux | linux_kernel | >= 4.1.39 < 4.2 | 4.2 |
| linux | linux_kernel | >= 4.10 < 4.14.133 | 4.14.133 |
| linux | linux_kernel | >= 4.15 < 4.19.58 | 4.19.58 |
| linux | linux_kernel | >= 4.20 < 5.1.17 | 5.1.17 |
| linux | linux_kernel | >= 4.4.40 < 4.4.185 | 4.4.185 |
| linux | linux_kernel | >= 4.8.16 < 4.9 | 4.9 |
| linux | linux_kernel | >= 4.9.1 < 4.9.185 | 4.9.185 |
| netapp | e-series_santricity_os_controller | 11.0.0 – 11.60.3 | — |
| redhat | enterprise_linux | — | — |
| redhat | enterprise_linux | — | — |
CVSS provenance
nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
osv9.8CRITICAL
vulncheck7.8HIGH
cisa7.8HIGH