mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-28 01:04:30 +00:00
872 B
872 B
CVE-2013-1959
Description
kernel/user_namespace.c in the Linux kernel before 3.8.9 does not have appropriate capability requirements for the uid_map and gid_map files, which allows local users to gain privileges by opening a file within an unprivileged process and then modifying the file within a privileged process.
POC
Reference
- http://www.openwall.com/lists/oss-security/2013/04/29/1
- http://www.openwall.com/lists/oss-security/2013/04/29/1