CVE-2013-0268

Linux Kernel < 3.7.5 - Access Control

Title source: rule

Description

The msr_open function in arch/x86/kernel/msr.c in the Linux kernel before 3.7.6 allows local users to bypass intended capability restrictions by executing a crafted application as root, as demonstrated by msr32.c.

Exploits (1)

exploitdb WORKING POC

by spender · clocallinux

https://www.exploit-db.com/exploits/27297

View Code ZIP pw:eip

References (7)

[Patch] http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c903f0456bc69176912dee6dd25c6a66ee1aed00

[Mailing List] http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00018.html

[Mailing List] http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00018.html

[Vendor Advisory] http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.7.6

[Issue Tracking] https://bugzilla.redhat.com/show_bug.cgi?id=908693

[Patch] https://github.com/torvalds/linux/commit/c903f0456bc69176912dee6dd25c6a66ee1aed00

[Mailing List] http://www.openwall.com/lists/oss-security/2013/02/07/12

Scores

EPSS 0.0205

EPSS Percentile 83.9%

Details

CWE

CWE-264

Status published

Products (44)

linux/linux_kernel 3.0 rc1 (7 CPE variants)

linux/linux_kernel 3.0.1

linux/linux_kernel 3.0.2

linux/linux_kernel 3.0.3

linux/linux_kernel 3.0.4

linux/linux_kernel 3.0.5

linux/linux_kernel 3.0.6

linux/linux_kernel 3.0.7

linux/linux_kernel 3.0.8

linux/linux_kernel 3.0.9

... and 34 more

Published Feb 18, 2013

Tracked Since Feb 18, 2026