Published: 18/02/2013 Updated: 13/02/2023

CVSS v2 Base Score: 6.2 | Impact Score: 10 | Exploitability Score: 1.9

VMScore: 625

Vector: AV:L/AC:H/Au:N/C:C/I:C/A:C

The msr_open function in arch/x86/kernel/msr.c in the Linux kernel prior to 3.7.6 allows local users to bypass intended capability restrictions by executing a crafted application as root, as demonstrated by msr32.c.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel 3.2.21
linux linux kernel 3.4.4
linux linux kernel 3.0.25
linux linux kernel 3.1.2
linux linux kernel 3.4.11
linux linux kernel 3.0
linux linux kernel 3.2.19
linux linux kernel 3.0.22
linux linux kernel 3.2.23
linux linux kernel 3.4.13
linux linux kernel 3.0.5
linux linux kernel 3.5.2
linux linux kernel 3.2.18
linux linux kernel 3.3
linux linux kernel 3.0.38
linux linux kernel 3.1
linux linux kernel 3.2.5
linux linux kernel 3.2.26
linux linux kernel 3.4
linux linux kernel 3.0.18
linux linux kernel 3.0.6
linux linux kernel 3.0.36
linux linux kernel 3.4.23
linux linux kernel 3.0.35
linux linux kernel 3.0.11
linux linux kernel 3.0.34
linux linux kernel 3.5.7
linux linux kernel 3.0.32
linux linux kernel 3.2
linux linux kernel 3.4.18
linux linux kernel 3.4.6
linux linux kernel 3.2.16
linux linux kernel 3.4.12
linux linux kernel 3.3.2
linux linux kernel 3.0.19
linux linux kernel 3.2.27
linux linux kernel 3.0.37
linux linux kernel 3.0.4
linux linux kernel 3.3.8
linux linux kernel 3.0.27
linux linux kernel 3.3.3
linux linux kernel 3.4.5
linux linux kernel 3.2.11
linux linux kernel 3.7.1
linux linux kernel 3.0.42
linux linux kernel 3.0.23
linux linux kernel 3.7.3
linux linux kernel 3.2.10
linux linux kernel 3.0.8
linux linux kernel 3.2.14
linux linux kernel 3.4.14
linux linux kernel 3.3.4
linux linux kernel
linux linux kernel 3.2.29
linux linux kernel 3.0.40
linux linux kernel 3.4.19
linux linux kernel 3.7
linux linux kernel 3.0.33
linux linux kernel 3.4.9
linux linux kernel 3.0.28
linux linux kernel 3.5.6
linux linux kernel 3.3.6
linux linux kernel 3.6.9
linux linux kernel 3.2.25
linux linux kernel 3.2.4
linux linux kernel 3.4.15
linux linux kernel 3.0.13
linux linux kernel 3.4.3
linux linux kernel 3.2.9
linux linux kernel 3.0.10
linux linux kernel 3.2.15
linux linux kernel 3.0.1
linux linux kernel 3.1.6
linux linux kernel 3.6.10
linux linux kernel 3.2.20
linux linux kernel 3.2.24
linux linux kernel 3.4.24
linux linux kernel 3.2.6
linux linux kernel 3.2.2
linux linux kernel 3.0.17
linux linux kernel 3.1.3
linux linux kernel 3.1.9
linux linux kernel 3.0.44
linux linux kernel 3.0.16
linux linux kernel 3.5.5
linux linux kernel 3.2.13
linux linux kernel 3.0.21
linux linux kernel 3.0.7
linux linux kernel 3.4.10
linux linux kernel 3.1.5
linux linux kernel 3.1.8
linux linux kernel 3.2.1
linux linux kernel 3.2.7
linux linux kernel 3.5.3
linux linux kernel 3.0.20
linux linux kernel 3.0.24
linux linux kernel 3.3.5
linux linux kernel 3.4.8
linux linux kernel 3.5.4
linux linux kernel 3.0.15
linux linux kernel 3.2.30
linux linux kernel 3.0.39
linux linux kernel 3.0.2
linux linux kernel 3.6.11
linux linux kernel 3.4.20
linux linux kernel 3.7.4
linux linux kernel 3.5.1
linux linux kernel 3.4.2
linux linux kernel 3.1.7
linux linux kernel 3.1.1
linux linux kernel 3.7.2
linux linux kernel 3.4.1
linux linux kernel 3.3.7
linux linux kernel 3.0.12
linux linux kernel 3.2.22
linux linux kernel 3.2.17
linux linux kernel 3.4.16
linux linux kernel 3.4.22
linux linux kernel 3.2.8
linux linux kernel 3.1.10
linux linux kernel 3.3.1
linux linux kernel 3.0.3
linux linux kernel 3.0.9
linux linux kernel 3.0.26
linux linux kernel 3.1.4
linux linux kernel 3.0.43
linux linux kernel 3.0.30
linux linux kernel 3.0.31
linux linux kernel 3.0.29
linux linux kernel 3.2.12
linux linux kernel 3.4.17
linux linux kernel 3.2.28
linux linux kernel 3.0.14
linux linux kernel 3.4.7
linux linux kernel 3.4.21
linux linux kernel 3.2.3
linux linux kernel 3.0.41

Synopsis Important: kernel-rt security and bug fix update Type/Severity Security Advisory: Important Topic Updated kernel-rt packages that fix several security issues and three bugsare now available for Red Hat Enterprise MRG 23The Red Hat Security Response Team has rated this update as havingimportant se ...

Synopsis Important: kernel security update Type/Severity Security Advisory: Important Topic Updated kernel packages that fix two security issues are now available for Red Hat Enterprise Linux 5The Red Hat Security Response Team has rated this update as having important security impact A Common Vulnerabili ...

Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Topic Updated kernel packages that fix two security issues and several bugs arenow available for Red Hat Enterprise Linux 6The Red Hat Security Response Team has rated this update as havingimportant security i ...

Several security issues were fixed in the kernel ...

// PoC exploit for /dev/cpu/*/msr, 32bit userland on a 64bit host // can do whatever in the commented area, re-enable module support, etc // requires CONFIG_X86_MSR and just uid 0 // a small race exists between the time when the MSR is written to the first // time and when we issue our sysenter // we additionally require CAP_SYS_NICE to make the r ...

CWE-264 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.7.6 https://bugzilla.redhat.com/show_bug.cgi?id=908693 http://www.openwall.com/lists/oss-security/2013/02/07/12 https://github.com/torvalds/linux/commit/c903f0456bc69176912dee6dd25c6a66ee1aed00 http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00018.html http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00018.html http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c903f0456bc69176912dee6dd25c6a66ee1aed00 https://access.redhat.com/errata/RHSA-2013:0622 https://nvd.nist.gov https://www.exploit-db.com/exploits/27297/https://usn.ubuntu.com/1778-1/

Get Started

CVE-2013-0268

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Exploits

References

Vulmon Search

About

Products

Connect