vulnerability
SUSE: CVE-2019-13272: SUSE Linux Security Advisory
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:L/AC:L/Au:N/C:C/I:C/A:C) | Jul 17, 2019 | Nov 13, 2019 | May 3, 2022 |
Description
In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process relationship, where a parent drops privileges and calls execve (potentially allowing control by an attacker). One contributing factor is an object lifetime issue (which can also cause a panic). Another contributing factor is incorrect marking of a ptrace relationship as privileged, which is exploitable through (for example) Polkit's pkexec helper with PTRACE_TRACEME. NOTE: SELinux deny_ptrace might be a usable workaround in some environments.
Solution(s)
References
- SUSE-SUSE-SU-2019:2949-1
- SUSE-SUSE-SU-2019:2984-1
- SUSE-SUSE-SU-2019:3223-1
- SUSE-SUSE-SU-2019:3224-1
- SUSE-SUSE-SU-2019:3225-1
- SUSE-SUSE-SU-2019:3228-1
- SUSE-SUSE-SU-2019:3230-1
- SUSE-SUSE-SU-2019:3232-1
- SUSE-SUSE-SU-2019:3246-1
- SUSE-SUSE-SU-2019:3247-1
- SUSE-SUSE-SU-2019:3248-1
- SUSE-SUSE-SU-2019:3249-1
- SUSE-SUSE-SU-2019:3252-1
- SUSE-SUSE-SU-2019:3258-1
- SUSE-SUSE-SU-2019:3260-1
- SUSE-SUSE-SU-2019:3261-1
- SUSE-SUSE-SU-2019:3263-1
- UBUNTU-USN-4093-1
- UBUNTU-USN-4094-1
- UBUNTU-USN-4095-1
- UBUNTU-USN-4117-1
- UBUNTU-USN-4118-1
- NVD-CVE-2019-13272
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.