CVE 2013-1858
The clone system-call implementation in the Linux kernel before 3.8.3 does not properly handle a combination of the CLONE_NEWUSER and CLONE_FS flags, which allows local users to gain privileges by calling chroot and leveraging the sharing of the / directory between a parent process and a child process.
Related bugs and status
CVE-2013-1858 (Candidate) is related to these bugs:
Bug #1156778: CVE-2013-1858
Bug | Summary | In | Importance | Status
---|---|---|---|---
1156778 | CVE-2013-1858 | linux (Ubuntu) | High | Invalid
1156778 | CVE-2013-1858 | linux-fsl-imx51 (Ubuntu) | High | Invalid
1156778 | CVE-2013-1858 | linux-mvl-dove (Ubuntu) | High | Invalid
1156778 | CVE-2013-1858 | linux-lts-backport-maverick (Ubuntu) | High | Invalid
1156778 | CVE-2013-1858 | linux-lts-backport-natty (Ubuntu) | Undecided | Invalid
1156778 | CVE-2013-1858 | linux-ti-omap4 (Ubuntu) | High | Invalid
1156778 | CVE-2013-1858 | linux-ec2 (Ubuntu) | High | Invalid
1156778 | CVE-2013-1858 | linux (Ubuntu Raring) | High | Won't Fix
1156778 | CVE-2013-1858 | linux-ec2 (Ubuntu Raring) | High | Invalid
1156778 | CVE-2013-1858 | linux-fsl-imx51 (Ubuntu Raring) | High | Invalid
1156778 | CVE-2013-1858 | linux-lts-backport-maverick (Ubuntu Raring) | High | Invalid
1156778 | CVE-2013-1858 | linux-lts-backport-natty (Ubuntu Raring) | Undecided | Invalid
1156778 | CVE-2013-1858 | linux-mvl-dove (Ubuntu Raring) | High | Invalid
1156778 | CVE-2013-1858 | linux-ti-omap4 (Ubuntu Raring) | High | Won't Fix
1156778 | CVE-2013-1858 | linux (Ubuntu Quantal) | High | Invalid
1156778 | CVE-2013-1858 | linux-ec2 (Ubuntu Quantal) | High | Invalid
1156778 | CVE-2013-1858 | linux-fsl-imx51 (Ubuntu Quantal) | High | Invalid
1156778 | CVE-2013-1858 | linux-lts-backport-maverick (Ubuntu Quantal) | High | Invalid
1156778 | CVE-2013-1858 | linux-lts-backport-natty (Ubuntu Quantal) | Undecided | Invalid
1156778 | CVE-2013-1858 | linux-mvl-dove (Ubuntu Quantal) | High | Invalid
1156778 | CVE-2013-1858 | linux-ti-omap4 (Ubuntu Quantal) | High | Invalid
1156778 | CVE-2013-1858 | linux (Ubuntu Precise) | High | Invalid
1156778 | CVE-2013-1858 | linux-ec2 (Ubuntu Precise) | High | Invalid
1156778 | CVE-2013-1858 | linux-fsl-imx51 (Ubuntu Precise) | High | Invalid
1156778 | CVE-2013-1858 | linux-lts-backport-maverick (Ubuntu Precise) | High | Invalid
1156778 | CVE-2013-1858 | linux-lts-backport-natty (Ubuntu Precise) | Undecided | Invalid
1156778 | CVE-2013-1858 | linux-mvl-dove (Ubuntu Precise) | High | Invalid
1156778 | CVE-2013-1858 | linux-ti-omap4 (Ubuntu Precise) | High | Invalid
1156778 | CVE-2013-1858 | linux (Ubuntu Oneiric) | High | Invalid
1156778 | CVE-2013-1858 | linux-ec2 (Ubuntu Oneiric) | High | Invalid
1156778 | CVE-2013-1858 | linux-fsl-imx51 (Ubuntu Oneiric) | High | Invalid
1156778 | CVE-2013-1858 | linux-lts-backport-maverick (Ubuntu Oneiric) | High | Invalid
1156778 | CVE-2013-1858 | linux-lts-backport-natty (Ubuntu Oneiric) | Undecided | Invalid
1156778 | CVE-2013-1858 | linux-mvl-dove (Ubuntu Oneiric) | High | Invalid
1156778 | CVE-2013-1858 | linux-ti-omap4 (Ubuntu Oneiric) | High | Invalid
1156778 | CVE-2013-1858 | linux (Ubuntu Lucid) | High | Invalid
1156778 | CVE-2013-1858 | linux-ec2 (Ubuntu Lucid) | High | Invalid
1156778 | CVE-2013-1858 | linux-fsl-imx51 (Ubuntu Lucid) | High | Invalid
1156778 | CVE-2013-1858 | linux-lts-backport-maverick (Ubuntu Lucid) | High | Invalid
1156778 | CVE-2013-1858 | linux-lts-backport-natty (Ubuntu Lucid) | Undecided | Invalid
1156778 | CVE-2013-1858 | linux-mvl-dove (Ubuntu Lucid) | High | Invalid
1156778 | CVE-2013-1858 | linux-ti-omap4 (Ubuntu Lucid) | High | Invalid
1156778 | CVE-2013-1858 | linux (Ubuntu Hardy) | High | Invalid
1156778 | CVE-2013-1858 | linux-ec2 (Ubuntu Hardy) | High | Invalid
1156778 | CVE-2013-1858 | linux-fsl-imx51 (Ubuntu Hardy) | High | Invalid
1156778 | CVE-2013-1858 | linux-lts-backport-maverick (Ubuntu Hardy) | High | Invalid
1156778 | CVE-2013-1858 | linux-lts-backport-natty (Ubuntu Hardy) | Undecided | Invalid
1156778 | CVE-2013-1858 | linux-mvl-dove (Ubuntu Hardy) | High | Invalid
1156778 | CVE-2013-1858 | linux-ti-omap4 (Ubuntu Hardy) | High | Invalid
1156778 | CVE-2013-1858 | linux-armadaxp (Ubuntu) | High | Invalid
1156778 | CVE-2013-1858 | linux-armadaxp (Ubuntu Hardy) | High | Invalid
1156778 | CVE-2013-1858 | linux-armadaxp (Ubuntu Lucid) | High | Invalid
1156778 | CVE-2013-1858 | linux-armadaxp (Ubuntu Oneiric) | High | Invalid
1156778 | CVE-2013-1858 | linux-armadaxp (Ubuntu Precise) | High | Invalid
1156778 | CVE-2013-1858 | linux-armadaxp (Ubuntu Quantal) | High | Invalid
1156778 | CVE-2013-1858 | linux-armadaxp (Ubuntu Raring) | High | Invalid
1156778 | CVE-2013-1858 | linux-lts-backport-oneiric (Ubuntu) | High | Invalid
1156778 | CVE-2013-1858 | linux-lts-backport-oneiric (Ubuntu Hardy) | High | Invalid
1156778 | CVE-2013-1858 | linux-lts-backport-oneiric (Ubuntu Lucid) | High | Invalid
1156778 | CVE-2013-1858 | linux-lts-backport-oneiric (Ubuntu Oneiric) | High | Invalid
1156778 | CVE-2013-1858 | linux-lts-backport-oneiric (Ubuntu Precise) | High | Invalid
1156778 | CVE-2013-1858 | linux-lts-backport-oneiric (Ubuntu Quantal) | High | Invalid
1156778 | CVE-2013-1858 | linux-lts-backport-oneiric (Ubuntu Raring) | High | Invalid
1156778 | CVE-2013-1858 | linux-lts-quantal (Ubuntu) | High | Invalid
1156778 | CVE-2013-1858 | linux-lts-quantal (Ubuntu Hardy) | High | Invalid
1156778 | CVE-2013-1858 | linux-lts-quantal (Ubuntu Lucid) | High | Invalid
1156778 | CVE-2013-1858 | linux-lts-quantal (Ubuntu Oneiric) | High | Invalid
1156778 | CVE-2013-1858 | linux-lts-quantal (Ubuntu Precise) | High | Invalid
1156778 | CVE-2013-1858 | linux-lts-quantal (Ubuntu Quantal) | High | Invalid
1156778 | CVE-2013-1858 | linux-lts-quantal (Ubuntu Raring) | High | Invalid
See the CVE page on Mitre.org for more details.