kernel: privilege escalation

Package(s): kernel
CVE #(s): CVE-2013-0268
Created: February 10, 2013
Updated: March 15, 2013
Description: The kernel's MSR register driver relied only upon filesystem-level access checks to restrict which users could write registers. As a result, the root user could access registers even if the capability that would ordinarily restrict such activity (CAP_SYS_RAWIO) had been dropped. The consequences are severe (execution of arbitrary code in kernel mode), but exploitation requires a process already running as root.
Alerts:
Fedora FEDORA-2013-1961 2013-02-08
Mageia MGASA-2013-0066 2013-02-22
Mageia MGASA-2013-0067 2013-02-22
Mageia MGASA-2013-0068 2013-02-22
Mageia MGASA-2013-0069 2013-02-22
Mageia MGASA-2013-0070 2013-02-22
openSUSE openSUSE-SU-2013:0396-1 2013-03-05
Ubuntu USN-1756-1 2013-03-06
Red Hat RHSA-2013:0621-01 2013-03-11
Red Hat RHSA-2013:0622-01 2013-03-11
CentOS CESA-2013:0621 2013-03-12
Scientific Linux SL-kern-20130312 2013-03-12
Red Hat RHSA-2013:0630-01 2013-03-12
CentOS CESA-2013:0630 2013-03-13
Oracle ELSA-2013-0621 2013-03-12
Oracle ELSA-2013-0630 2013-03-12
Ubuntu USN-1760-1 2013-03-12
Oracle ELSA-2013-2512 2013-03-14
Oracle ELSA-2013-2511 2013-03-14
Scientific Linux SL-kern-20130314 2013-03-14
Ubuntu USN-1767-1 2013-03-18
Ubuntu USN-1769-1 2013-03-18
Ubuntu USN-1768-1 2013-03-18
Ubuntu USN-1775-1 2013-03-22
Ubuntu USN-1776-1 2013-03-22
Ubuntu USN-1778-1 2013-03-22
Scientific Linux SL-kern-20130325 2013-03-25
Ubuntu USN-1781-1 2013-03-26

kernel: privilege escalation

Posted Mar 1, 2013 20:07 UTC (Fri) by BenHutchings (subscriber, #37955)

Also fixed in Debian 6.0.7 (package version 2.6.32-48), but didn't get a DSA.

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds