Ubuntu: (Multiple Advisories) (CVE-2019-13272): Linux kernel vulnerabilities

Severity: 7
CVSS: (AV:L/AC:L/Au:N/C:C/I:C/A:C)
Published: 2019-07-17
Added: 2019-08-14
Modified: 2025-01-23

Description

In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process relationship, where a parent drops privileges and calls execve (potentially allowing control by an attacker). One contributing factor is an object lifetime issue (which can also cause a panic). Another contributing factor is incorrect marking of a ptrace relationship as privileged, which is exploitable through (for example) Polkit's pkexec helper with PTRACE_TRACEME. NOTE: SELinux deny_ptrace might be a usable workaround in some environments.

Solution(s)

ubuntu-upgrade-linux-image-4-15-0-1021-oracle
ubuntu-upgrade-linux-image-4-15-0-1040-gcp
ubuntu-upgrade-linux-image-4-15-0-1040-gke
ubuntu-upgrade-linux-image-4-15-0-1042-kvm
ubuntu-upgrade-linux-image-4-15-0-1043-raspi2
ubuntu-upgrade-linux-image-4-15-0-1047-aws
ubuntu-upgrade-linux-image-4-15-0-1050-oem
ubuntu-upgrade-linux-image-4-15-0-1055-azure
ubuntu-upgrade-linux-image-4-15-0-1060-snapdragon
ubuntu-upgrade-linux-image-4-15-0-58-generic
ubuntu-upgrade-linux-image-4-15-0-58-generic-lpae
ubuntu-upgrade-linux-image-4-15-0-58-lowlatency
ubuntu-upgrade-linux-image-4-4-0-1054-kvm
ubuntu-upgrade-linux-image-4-4-0-1090-aws
ubuntu-upgrade-linux-image-4-4-0-1118-raspi2
ubuntu-upgrade-linux-image-4-4-0-1122-snapdragon
ubuntu-upgrade-linux-image-4-4-0-159-generic
ubuntu-upgrade-linux-image-4-4-0-159-generic-lpae
ubuntu-upgrade-linux-image-4-4-0-159-lowlatency
ubuntu-upgrade-linux-image-4-4-0-159-powerpc-e500mc
ubuntu-upgrade-linux-image-4-4-0-159-powerpc-smp
ubuntu-upgrade-linux-image-4-4-0-159-powerpc64-emb
ubuntu-upgrade-linux-image-4-4-0-159-powerpc64-smp
ubuntu-upgrade-linux-image-5-0-0-1013-gcp
ubuntu-upgrade-linux-image-5-0-0-1013-kvm
ubuntu-upgrade-linux-image-5-0-0-1014-aws
ubuntu-upgrade-linux-image-5-0-0-1014-azure
ubuntu-upgrade-linux-image-5-0-0-1014-raspi2
ubuntu-upgrade-linux-image-5-0-0-1018-snapdragon
ubuntu-upgrade-linux-image-5-0-0-25-generic
ubuntu-upgrade-linux-image-5-0-0-25-generic-lpae
ubuntu-upgrade-linux-image-5-0-0-25-lowlatency
ubuntu-upgrade-linux-image-aws
ubuntu-upgrade-linux-image-aws-hwe
ubuntu-upgrade-linux-image-azure
ubuntu-upgrade-linux-image-gcp
ubuntu-upgrade-linux-image-generic
ubuntu-upgrade-linux-image-generic-hwe-16-04
ubuntu-upgrade-linux-image-generic-hwe-18-04
ubuntu-upgrade-linux-image-generic-lpae
ubuntu-upgrade-linux-image-generic-lpae-hwe-16-04
ubuntu-upgrade-linux-image-generic-lpae-hwe-18-04
ubuntu-upgrade-linux-image-gke
ubuntu-upgrade-linux-image-gke-4-15
ubuntu-upgrade-linux-image-kvm
ubuntu-upgrade-linux-image-lowlatency
ubuntu-upgrade-linux-image-lowlatency-hwe-16-04
ubuntu-upgrade-linux-image-lowlatency-hwe-18-04
ubuntu-upgrade-linux-image-oem
ubuntu-upgrade-linux-image-oracle
ubuntu-upgrade-linux-image-powerpc-e500mc
ubuntu-upgrade-linux-image-powerpc-smp
ubuntu-upgrade-linux-image-powerpc64-emb
ubuntu-upgrade-linux-image-powerpc64-smp
ubuntu-upgrade-linux-image-raspi2
ubuntu-upgrade-linux-image-snapdragon
ubuntu-upgrade-linux-image-snapdragon-hwe-18-04
ubuntu-upgrade-linux-image-virtual
ubuntu-upgrade-linux-image-virtual-hwe-16-04
ubuntu-upgrade-linux-image-virtual-hwe-18-04