Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact
7.8
CVSSv3

CVE-2019-13272

CVSSv4: NA | CVSSv3: 7.8 | CVSSv2: 7.2 | VMScore: 880 | EPSS: 0.81732 | KEV: Exploitation Reported
Published: 17/07/2019 Updated: 21/11/2024

Vulnerability Summary

In the Linux kernel prior to 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process relationship, where a parent drops privileges and calls execve (potentially allowing control by an attacker). One contributing factor is an object lifetime issue (which can also cause a panic). Another contributing factor is incorrect marking of a ptrace relationship as privileged, which is exploitable through (for example) Polkit's pkexec helper with PTRACE_TRACEME. NOTE: SELinux deny_ptrace might be a usable workaround in some environments.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

linux linux kernel

debian debian linux 8.0

debian debian linux 9.0

debian debian linux 10.0

fedoraproject fedora 29

canonical ubuntu linux 16.04

canonical ubuntu linux 18.04

canonical ubuntu linux 19.04

redhat enterprise linux 7.0

redhat enterprise linux 8.0

redhat enterprise linux for arm 64 7.0 aarch64

redhat enterprise linux for ibm z systems 7.0 s390x

redhat enterprise linux for real time 8

redhat enterprise linux for real time for nfv 8.0

redhat enterprise linux for real time for nfv tus 8.2

redhat enterprise linux for real time for nfv tus 8.4

redhat enterprise linux for real time for nfv tus 8.6

redhat enterprise linux for real time for nfv tus 8.8

redhat enterprise linux for real time tus 8.2

redhat enterprise linux for real time tus 8.4

redhat enterprise linux for real time tus 8.6

redhat enterprise linux for real time tus 8.8

netapp aff a700s firmware -

netapp h410c firmware -

netapp h610s firmware -

netapp active iq unified manager -

netapp e-series performance analyzer -

netapp e-series santricity os controller

netapp hci management node -

netapp service processor -

netapp solidfire -

netapp steelstore cloud integrated storage -

netapp hci compute node -

Vendor Advisories

Red Hat: Important: kernel-rt security update
Synopsis Important: kernel-rt security update Type/Severity Security Advisory: Important Topic An update for kernel-rt is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base sc ...
Red Hat: Important: kernel security update
Synopsis Important: kernel security update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base score, w ...
Debian Security Advisories: DSA-4484-1 linux -- security update
Jann Horn discovered that the ptrace subsystem in the Linux kernel mishandles the management of the credentials of a process that wants to create a ptrace relationship, allowing a local user to obtain root privileges under certain scenarios For the oldstable distribution (stretch), this problem has been fixed in version 49168-1+deb9u4 For the s ...
Ubuntu Security Notice: linux-aws vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: linux, linux-hwe, linux-azure, linux-gcp, linux-gke-4.15, linux-kvm, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: linux, linux-hwe, linux-azure, linux-gcp, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: linux-aws vulnerabilities
Several security issues were fixed in the Linux kernel ...
Red Hat: CVE-2019-13272
Impact: Critical Public Date: 2019-07-16 CWE: CWE-271 Bugzilla: 1730895: CVE-2019-13272 kernel: broken ...

Exploits

Exploit DB: Linux Kernel 4.10 < 5.1.17 - 'PTRACE_TRACEME' pkexec Local Privilege Escalation
// Linux 410 &lt; 5117 PTRACE_TRACEME local root (CVE-2019-13272) // Uses pkexec technique // --- // Original discovery and exploit author: Jann Horn // - bugschromiumorg/p/project-zero/issues/detail?id=1903 // --- // &lt;bcoles@gmailcom&gt; // - added known helper paths // - added search for suitable helpers // - added automatic targ ...
Exploit DB: Linux - Broken Permission and Object Lifetime Handling for PTRACE_TRACEME
== Summary == This bug report describes two issues introduced by commit 64b875f7ac8a ("ptrace: Capture the ptracer's creds not PT_PTRACE_CAP", introduced in v410 but also stable-backported to older versions) I will send a suggested patch in a minute ("ptrace: Fix -&gt;ptracer_cred handling for PTRACE_TRACEME") When called for PTRACE_TRACEME, pt ...
Exploit DB: Linux Polkit - pkexec helper PTRACE_TRACEME local root (Metasploit)
## # This module requires Metasploit: metasploitcom/download # Current source: githubcom/rapid7/metasploit-framework ## class MetasploitModule &lt; Msf::Exploit::Local Rank = ExcellentRanking include Msf::Post::File include Msf::Post::Linux::Priv include Msf::Post::Linux::Kernel include Msf::Post::Linux::System inclu ...
Exploit DB: Linux Kernel 5.1.x PTRACE_TRACEME pkexec Local Privilege Escalation
Linux kernel version 51x PTRACE_TRACEME pkexec local privilege escalation exploit ...
Exploit DB: Linux PTRACE_TRACEME Local Root
Linux kernel versions starting at 410 and below 517 PTRACE_TRACEME local root exploit that uses the pkexec technique ...
Exploit DB: Linux Polkit pkexec Helper PTRACE_TRACEME Local Root
This Metasploit module exploits an issue in ptrace_link in kernel/ptracec before Linux kernel 5117 This issue can be exploited from a Linux desktop terminal, but not over an SSH session, as it requires execution from within the context of a user with an active Polkit agent In the Linux kernel before 5117, ptrace_link in kernel/ptracec misha ...

Github Repositories

https://github.com/asepsaepdin/CVE-2019-13272

CVE-2019-13272 - Pkexec Local Privilege Escalation ⚠️ For educational and authorized security research purposes only Original Exploit Authors Very grateful to the original PoC author BCOLES Description In the Linux kernel before 5117, ptrace_link in kernel/ptracec mishandles the recording of the credentials of a process that wants to create a ptrace relationship, whi

https://github.com/MDS1GNAL/ptrace_scope-CVE-2019-13272-privilege-escalation

Es una vulnerabilidad para escalar privilegios en linux.

CVE-2019-13272 Es una vulnerabilidad para escalar privilegios en linux Aún, en la mayoría de distros linux no ha sido arreglada Para ejecutar el exploit, solo es necesario tener instalado gdb En las releases os dejaré binarios de gdb para algunas arquitecturas Me he basado en el exploit que hizo s4vitar, pero, el mio esta el español y más

https://github.com/umsundu/CVE-2019-13272

temp

CVE-2019-13272 temp

https://github.com/oneoy/CVE-2019-13272

linux 提权

CVE-2019-13272 Linux local root exploit Linux 410 &lt; 5117 PTRACE_TRACEME local root (CVE-2019-13272) In the Linux kernel before 5117, ptrace_link in kernel/ptracec mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child

https://github.com/Huandtx/CVE-2019-13272

5.1.17之前的Linux内核中普通用户执行文件提权为root用户

CVE-2019-13272 5117之前的Linux内核中普通用户执行文件提权为root用户

https://github.com/nyk4989/search_gtfobins

# Search_gtfobins ## ツールの経緯 このツールはLinupeasなどのツールでSSUIDの設定ミスなどを列挙したときに、GTFOBinsで悪用手掛かりを探す工程で漏れることがよくあり、このツールを使うことによって網羅的に確認ができることにより、見落としを防止することができる。 ## ツールの説明

https://github.com/pwnCmndr/LinuxPrivEsc

Linux Privilege Escalation techniques & resources

LinuxPrivEsc Linux Privilege Escalation techniques &amp; resources Enumeration system enum user enum network enum password hunting Automated tools linpeas linenum linux exploit suggestor Linuxprivchecker Enumeration We assume that first exploited &amp; have access to the m/c, But the user is non admin now we have to go through the stages of 5 stage methodlogy

https://github.com/ONQLin/OS-CourseDesign

A group project in Operating System /Linux (CS356 SJTU)

OS-CourseDesign A group project in Operating System /Linux (CS356 SJTU) Introduction: ghostsh为整合后的脚本文件 ghost文件下编写lkm相关的框架和文件,在cd到ghost目录下后 make 便会生成ko后缀的内核模块,可直接插入415linux内核 aes-target 是aes加密的目标路径(default) cpuc 为手动占用cpu资源程序 pocc 为CVE-2

https://github.com/sumedhaDharmasena/-Kernel-ptrace-c-mishandles-vulnerability-CVE-2019-13272

-CVE-2019-13272

https://github.com/Cyc1eC/CVE-2019-13272

The exploit for CVE-2019-13272

CVE-2019-13272 The exploit for CVE-2019-13272 漏洞类型:Linux本地提权 漏洞影响范围:Linux内核版本低于5117 本地测试环境: 漏洞相关信息: bugschromiumorg/p/project-zero/issues/detail?id=1903

https://github.com/Tharana/Exploiting-a-Linux-kernel-vulnerability

Local Root vulnerability- CVE-2019-13272 / Security Bypass Vulnerability – CVE-2019-14287

Exploiting-a-Linux-kernel-vulnerability - IT19159140 Local Root vulnerability- CVE-2019-13272 / Security Bypass Vulnerability – CVE-2019-14287 Absolutely, I always choose Linux vulnerability, but then I had to choose different vulnerability else because I didn't know two people could do the same thing And then Having learned of this, I chose a different vulnerability

https://github.com/Tharana/vulnerability-exploitation

Local Root vulnerability- CVE-2019-13272 / Security Bypass Vulnerability – CVE-2019-14287/Google Android - 'Stagefright' Remote Code Execution - CVE-2015-1538

vulnerability-exploitation Local Root vulnerability- CVE-2019-13272 / Security Bypass Vulnerability – CVE-2019-14287/Google Android - 'Stagefright' Remote Code Execution - CVE-2015-1538 Absolutely, I always choose Linux vulnerability, but then I had to choose different vulnerability else because I didn't know two people could do the same thing And then Havi

https://github.com/jas502n/CVE-2019-13272

Linux 4.10 < 5.1.17 PTRACE_TRACEME local root

CVE-2019-13272 Linux local root exploit Linux 410 &lt; 5117 PTRACE_TRACEME local root (CVE-2019-13272) In the Linux kernel before 5117, ptrace_link in kernel/ptracec mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child

https://github.com/RashmikaEkanayake/Privilege-Escalation-CVE-2019-13272-

Privilege-Escalation-CVE-2019-13272- This repository contains a report of Privilege Escalation vulnerability (CVE-2019-13272)

https://github.com/karlhat/Ksplice-demo

Ksplice-demo ksplice-demo Vagrant box installs Oracle Linux 80 to run a ksplice demo Prerequisites Install Oracle VM VirtualBox on your Host Install Vagrant on your Host Install Git on your host A valid Ksplice Access Key, retrieve it from KSplice Web Site Getting started Preparation before to run demo Clone this repository git clone githubcom/karlhat/Ksplice-demo

https://github.com/HaleyWei/POC-available

POCs can run in some Linux kernel versions

POC-available POCs can run in some Linux kernel versions CVE-2019-11599 POC运行内核版本:462 运行方式: gcc -o coredump_helper coredump_helperc sudo /set_helpersh gcc -o dumpme dumpmec /dumpme 运行结果: 运行poc 通过dmesg查看日志 CVE-2019-9213 POC运行内核版本:462 运行方式: gcc -o nullmap nullmapc /nullmap 运行结果: CVE-

https://github.com/sumedhaDharmasena/-CVE-2019-13272

-CVE-2019-13272

https://github.com/kurniawandata/xcoderootsploit

Aplikasi untuk privilege escalation secara otomatis pada target linux

xcoderootsploit Aplikasi untuk privilege escalation secara otomatis pada target linux Sumber : Privilege Escalation pada Ubuntu 20042 (Bisa untuk target Ubuntu 2010 dan 2104) - CVE-2021-3490 githubcom/chompie1337/Linux_LPE_eBPF_CVE-2021-3490 Privilege Escalation pada linux Ubuntu 20041 (CVE-2019-13272) githubcom/blasty/CVE-2021-3156 Privilege Escalation

https://github.com/Whiteh4tWolf/xcoderootsploit

xcoderootsploit X-code Root Sploit v01 Beta 1 Dibangun oleh Kurniawan - kurniawanajazenfone@gmailcom - xcodecoid - 20 Maret 2024 Aplikasi untuk membantu privilege escalation secara otomatis pada target linux Dengan exploit ini maka peretas cukup menjalankan program maka otomatis bisa mendapatkan akses root selama target mempunyai kerentanan untuk dilakukan privil

References

NVD-CWE-noinfohttps://access.redhat.com/errata/RHSA-2019:2405https://nvd.nist.govhttps://usn.ubuntu.com/4118-1/https://www.exploit-db.com/exploits/47163https://www.first.org/epsshttp://packetstormsecurity.com/files/153663/Linux-PTRACE_TRACEME-Broken-Permission-Object-Lifetime-Handling.htmlhttp://packetstormsecurity.com/files/153702/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.htmlhttp://packetstormsecurity.com/files/154245/Kernel-Live-Patch-Security-Notice-LSN-0054-1.htmlhttp://packetstormsecurity.com/files/154957/Linux-Polkit-pkexec-Helper-PTRACE_TRACEME-Local-Root.htmlhttp://packetstormsecurity.com/files/156929/Linux-PTRACE_TRACEME-Local-Root.htmlhttp://packetstormsecurity.com/files/165051/Linux-Kernel-5.1.x-PTRACE_TRACEME-pkexec-Local-Privilege-Escalation.htmlhttps://access.redhat.com/errata/RHSA-2019:2405https://access.redhat.com/errata/RHSA-2019:2411https://access.redhat.com/errata/RHSA-2019:2809https://bugs.chromium.org/p/project-zero/issues/detail?id=1903https://bugzilla.redhat.com/show_bug.cgi?id=1730895https://bugzilla.suse.com/show_bug.cgi?id=1140671https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1.17https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6994eefb0053799d2e07cd140df6c2ea106c41eehttps://github.com/torvalds/linux/commit/6994eefb0053799d2e07cd140df6c2ea106c41eehttps://lists.debian.org/debian-lts-announce/2019/07/msg00022.htmlhttps://lists.debian.org/debian-lts-announce/2019/07/msg00023.htmlhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OGRK5LYWBJ4E4SRI4DKX367NHYSI3VOH/https://seclists.org/bugtraq/2019/Jul/30https://seclists.org/bugtraq/2019/Jul/33https://security.netapp.com/advisory/ntap-20190806-0001/https://support.f5.com/csp/article/K91025336https://support.f5.com/csp/article/K91025336?utm_source=f5support&%3Butm_medium=RSShttps://usn.ubuntu.com/4093-1/https://usn.ubuntu.com/4094-1/https://usn.ubuntu.com/4095-1/https://usn.ubuntu.com/4117-1/https://usn.ubuntu.com/4118-1/https://www.debian.org/security/2019/dsa-4484http://packetstormsecurity.com/files/153663/Linux-PTRACE_TRACEME-Broken-Permission-Object-Lifetime-Handling.htmlhttp://packetstormsecurity.com/files/153702/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.htmlhttp://packetstormsecurity.com/files/154245/Kernel-Live-Patch-Security-Notice-LSN-0054-1.htmlhttp://packetstormsecurity.com/files/154957/Linux-Polkit-pkexec-Helper-PTRACE_TRACEME-Local-Root.htmlhttp://packetstormsecurity.com/files/156929/Linux-PTRACE_TRACEME-Local-Root.htmlhttp://packetstormsecurity.com/files/165051/Linux-Kernel-5.1.x-PTRACE_TRACEME-pkexec-Local-Privilege-Escalation.htmlhttps://access.redhat.com/errata/RHSA-2019:2405https://access.redhat.com/errata/RHSA-2019:2411https://access.redhat.com/errata/RHSA-2019:2809https://bugs.chromium.org/p/project-zero/issues/detail?id=1903https://bugzilla.redhat.com/show_bug.cgi?id=1730895https://bugzilla.suse.com/show_bug.cgi?id=1140671https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1.17https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6994eefb0053799d2e07cd140df6c2ea106c41eehttps://github.com/torvalds/linux/commit/6994eefb0053799d2e07cd140df6c2ea106c41eehttps://lists.debian.org/debian-lts-announce/2019/07/msg00022.htmlhttps://lists.debian.org/debian-lts-announce/2019/07/msg00023.htmlhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OGRK5LYWBJ4E4SRI4DKX367NHYSI3VOH/https://seclists.org/bugtraq/2019/Jul/30https://seclists.org/bugtraq/2019/Jul/33https://security.netapp.com/advisory/ntap-20190806-0001/https://support.f5.com/csp/article/K91025336https://support.f5.com/csp/article/K91025336?utm_source=f5support&%3Butm_medium=RSShttps://usn.ubuntu.com/4093-1/https://usn.ubuntu.com/4094-1/https://usn.ubuntu.com/4095-1/https://usn.ubuntu.com/4117-1/https://usn.ubuntu.com/4118-1/https://www.debian.org/security/2019/dsa-4484
Preferred Score:
CVSSv3
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
CVE-2025-27736dell client platform biosmicrosoft sharepoint enterprise server 2016windows admin center in azure portalCVE-2025-29805arbitrary CVE-2025-31161XXEvalidationCVE-2025-2704CVE-2025-30286CVE-2025-27727microsoft
Home
/
Search Results
/
CVE-2019-13272
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook