ID:4382 - Exploit for Permissions, Privileges, and Access Controls in Linux kernel - CVE-2013-0268

CSH
CYBERSECURITY HELP
Sign In REGISTER
 
Main Vulnerability Database Exploits ID:4382 - Exploit for Permissions, Privileges, and Access Controls in Linux kernel - CVE-2013-0268

ID:4382 - Exploit for Permissions, Privileges, and Access Controls in Linux kernel - CVE-2013-0268

Published: August 11, 2020


Vulnerability identifier: #VU43089
Vulnerability risk: Medium
CVE-ID: CVE-2013-0268
CWE-ID: CWE-264
Exploitation vector: Remote access
Vulnerable software:
Linux kernel

Link to public exploit:


Vulnerability description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

The msr_open function in arch/x86/kernel/msr.c in the Linux kernel before 3.7.6 allows local users to bypass intended capability restrictions by executing a crafted application as root, as demonstrated by msr32.c.


Remediation

Install update from vendor's website.