CVE-2013-3301
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2013-3301
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2013-3301.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2013-3301
- Downstream
- Related
- Published
- 2013-04-29T14:55:04Z
- Modified
- 2025-04-11T00:51:21Z
- Summary
- [none]
- Details
-
The ftrace implementation in the Linux kernel before 3.8.8 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging the CAPSYSADMIN capability for write access to the (1) setftracepid or (2) setgraphfunction file, and then making an lseek system call.
- References
-
- http://rhn.redhat.com/errata/RHSA-2013-1051.html
- http://www.ubuntu.com/usn/USN-1834-1
- http://www.ubuntu.com/usn/USN-1835-1
- http://www.ubuntu.com/usn/USN-1836-1
- http://www.ubuntu.com/usn/USN-1838-1
- http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.8
- http://www.openwall.com/lists/oss-security/2013/04/15/1
- https://github.com/torvalds/linux/commit/6a76f8c0ab19f215af2a3442870eeb5f0e81998d
- https://bugzilla.redhat.com/show_bug.cgi?id=952197
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6a76f8c0ab19f215af2a3442870eeb5f0e81998d
- http://lists.opensuse.org/opensuse-security-announce/2013-09/msg00003.html
- http://lists.opensuse.org/opensuse-updates/2013-12/msg00129.html
- https://security-tracker.debian.org/tracker/CVE-2013-3301
Affected packages
Debian:11 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:12 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:13 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source