7.2

CVE-2013-3301

Exploit

EPSS 0.51%
Veröffentlicht 29.04.2013 14:55:04
Zuletzt bearbeitet 29.04.2026 01:13:23
Quelle secalert@redhat.com
CVE-Watchlists
Login
Unerledigt
Login

The ftrace implementation in the Linux kernel before 3.8.8 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging the CAP_SYS_ADMIN capability for write access to the (1) set_ftrace_pid or (2) set_graph_function file, and then making an lseek system call.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 15

NVD 9 VulnDex Vulnerability Enrichment 7

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version >= 3.1 < 3.2.44

Linux ≫ Linux Kernel Version >= 3.3 < 3.4.49

Linux ≫ Linux Kernel Version >= 3.5 < 3.8.8

Redhat ≫ Enterprise Linux Version6.0

Redhat ≫ Enterprise Mrg Version2.0

Suse ≫ Linux Enterprise Desktop Version11 Updatesp3

Suse ≫ Linux Enterprise High Availability Extension Version11 Updatesp3

Suse ≫ Linux Enterprise Server Version11 Updatesp3 SwPlatform-

Suse ≫ Linux Enterprise Server Version11 Updatesp3 Editionvmware

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.51%	0.663

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.2	3.9	10	AV:L/AC:L/Au:N/C:C/I:C/A:C

Es wurden noch keine Informationen zu CWE veröffentlicht.

http://lists.opensuse.org/opensuse-security-announce/2013-09/msg00003.html

Third Party Advisory

http://lists.opensuse.org/opensuse-updates/2013-12/msg00129.html

Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2013-1051.html

Third Party Advisory

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6a76f8c0ab19f215af2a3442870eeb5f0e81998d

Third Party Advisory

http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.8

Third Party Advisory

Mailing List

http://www.openwall.com/lists/oss-security/2013/04/15/1

Mailing List

http://www.ubuntu.com/usn/USN-1834-1

Third Party Advisory

VDB Entry

http://www.ubuntu.com/usn/USN-1835-1

Third Party Advisory

http://www.ubuntu.com/usn/USN-1836-1

Third Party Advisory

http://www.ubuntu.com/usn/USN-1838-1

Third Party Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=952197

Third Party Advisory

Issue Tracking

https://github.com/torvalds/linux/commit/6a76f8c0ab19f215af2a3442870eeb5f0e81998d

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2013-3301

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2013-3301

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2013-3301

EUVD