Linux Kernel 'net _ ctl_permissions () 'Function Local Security Restriction Bypass Vulnerability

Release date:
Updated on:

Affected Systems:
Linux kernel <3.11.5
Description:
--------------------------------------------------------------------------------
Bugtraq id: 64471
CVE (CAN) ID: CVE-2013-4270

Linux Kernel is the Kernel of the Linux operating system.

In the implementation of the net_ctl_permissions function in Linux kernel versions earlier than 3.11.5 in net/sysctl_net.c, the uid and gid values are not correctly determined, this allows local users to bypass the target/proc/sys/net restrictions with special applications.

<* Source: Miroslav Vadkerti
*>

Suggestion:
--------------------------------------------------------------------------------
Vendor patch:

Linux
-----
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:

Http://www.kernel.org/
Https://github.com/torvalds/linux/commit/2433c8f094a008895e66f25bd1773cdb01c91d01
Http://git.kernel.org /? P = linux/kernel/git/torvalds/linux-2.6.git; a = commit; h = 2433c8f094a008895e66f25bd1773cdb01c91d01

Linux Kernel: click here
Linux Kernel: click here

The Linux kernel replaces iptables with nftables

Linux 3.12 code Suicidal Squirrel

How to install Linux 3.11 Kernel on Ubuntu

The Ubuntu 13.10 (Saucy Salamander) Kernel has been upgraded to Linux Kernel 3.10 RC5

Linux Kernel 3.4.62 LTS is now available for download

How to install Linux kernel 13.10 On Ubuntu 3.12