7.2
CVE-2013-3301
- EPSS 0.34%
- Published 29.04.2013 14:55:04
- Last modified 11.04.2025 00:51:21
- Source secalert@redhat.com
- Teams watchlist Login
- Open Login
The ftrace implementation in the Linux kernel before 3.8.8 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging the CAP_SYS_ADMIN capability for write access to the (1) set_ftrace_pid or (2) set_graph_function file, and then making an lseek system call.
Data is provided by the National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 3.1 < 3.2.44
Linux ≫ Linux Kernel Version >= 3.3 < 3.4.49
Linux ≫ Linux Kernel Version >= 3.5 < 3.8.8
Redhat ≫ Enterprise Linux Version6.0
Redhat ≫ Enterprise Mrg Version2.0
Suse ≫ Linux Enterprise Desktop Version11 Updatesp3
Suse ≫ Linux Enterprise High Availability Extension Version11 Updatesp3
Suse ≫ Linux Enterprise Server Version11 Updatesp3 SwPlatform-
Suse ≫ Linux Enterprise Server Version11 Updatesp3 Editionvmware
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.34% | 0.557 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 7.2 | 3.9 | 10 |
AV:L/AC:L/Au:N/C:C/I:C/A:C
|