Vulnerability note CVE-2013-0268
Linux kernel: privilege elevation via MSR
Summary of the vulnerability
A local attacker with uid 0 can access /dev/cpu/*/msr in order to execute code with kernel privileges.
Impacted products: Fedora, Linux, openSUSE, RHEL, SUSE Linux Enterprise Desktop, SLES.
Severity: 1/4.
Creation date: 07/02/2013.
Identifiers: BID-57838, CVE-2013-0268, FEDORA-2013-1961, openSUSE-SU-2013:0396-1, RHSA-2013:0621-01, RHSA-2013:0622-01, RHSA-2013:0630-01, SUSE-SU-2013:0674-1, SUSE-SU-2013:0759-1, SUSE-SU-2013:0759-2, VIGILANCE-VUL-12389.
Description of the vulnerability
Intel processors provide Model Specific Registers (MSRs).
A root user (uid 0) can access the special "/dev/cpu/*/msr" file. The msr_open() function in the arch/x86/kernel/msr.c file allows this access. However, it does not check whether the user also holds the CAP_SYS_RAWIO capability.
A local attacker who has uid 0 but not CAP_SYS_RAWIO can therefore access /dev/cpu/*/msr in order to execute code with kernel privileges.
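The following audit is an added example, not part of this bulletin or of the kernel source: it lists processes running as uid 0 whose effective capability set lacks CAP_SYS_RAWIO, which is the combination described above. The sample status texts are constructed, and the bit number 17 for CAP_SYS_RAWIO is taken from linux/capability.h.

```python
"""Flag uid-0 processes whose effective capability set lacks CAP_SYS_RAWIO."""
import glob

CAP_SYS_RAWIO = 17  # bit number defined in linux/capability.h


def parse_status(text):
    """Return (name, effective uid, CapEff mask) from /proc/<pid>/status text."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep:
            fields[key.strip()] = value.strip()
    euid = int(fields["Uid"].split()[1])  # order: real, effective, saved, fs
    return fields.get("Name", "?"), euid, int(fields["CapEff"], 16)


def root_without_rawio(text):
    """True for the case in this note: uid 0 but CAP_SYS_RAWIO not held."""
    _, euid, cap_eff = parse_status(text)
    return euid == 0 and not (cap_eff >> CAP_SYS_RAWIO) & 1


# Constructed samples (not captured from a real host).
SAMPLE_FULL_ROOT = "Name:\tsshd\nUid:\t0\t0\t0\t0\nCapEff:\t0000001fffffffff\n"
SAMPLE_CONFINED_ROOT = "Name:\tworker\nUid:\t0\t0\t0\t0\nCapEff:\t00000000a80425fb\n"
SAMPLE_USER = "Name:\tbash\nUid:\t1000\t1000\t1000\t1000\nCapEff:\t0000000000000000\n"


def scan_proc():
    """Return (pid, name) for live processes matching root_without_rawio()."""
    hits = []
    for path in glob.glob("/proc/[0-9]*/status"):
        try:
            with open(path) as fh:
                text = fh.read()
            if root_without_rawio(text):
                hits.append((path.split("/")[2], parse_status(text)[0]))
        except (OSError, KeyError, ValueError, IndexError):
            continue  # process exited or status format was unexpected
    return hits


if __name__ == "__main__":
    for pid, name in scan_proc():
        print(f"{pid}\t{name}\tuid 0 without CAP_SYS_RAWIO")
```

On a kernel without the fix, every process this reports could still open /dev/cpu/*/msr, so a confinement that relies on dropping CAP_SYS_RAWIO does not hold for it.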