CVE Vulnerabilities

CVE-2013-2207

Published: Oct 09, 2013 | Modified: Jul 01, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
2.6 LOW
AV:L/AC:H/Au:N/C:P/I:P/A:N
RedHat/V2
2.6 MODERATE
AV:L/AC:H/Au:N/C:P/I:P/A:N
RedHat/V3
Ubuntu
LOW

pt_chown in GNU C Library (aka glibc or libc6) before 2.18 does not properly check permissions for tty files, which allows local users to change the permission on the files and obtain access to arbitrary pseudo-terminals by leveraging a FUSE file system.

Affected Software

Name Vendor Start Version End Version
Glibc Gnu * 2.17 (including)
Glibc Gnu 2.0 (including) 2.0 (including)
Glibc Gnu 2.0.1 (including) 2.0.1 (including)
Glibc Gnu 2.0.2 (including) 2.0.2 (including)
Glibc Gnu 2.0.3 (including) 2.0.3 (including)
Glibc Gnu 2.0.4 (including) 2.0.4 (including)
Glibc Gnu 2.0.5 (including) 2.0.5 (including)
Glibc Gnu 2.0.6 (including) 2.0.6 (including)
Glibc Gnu 2.1 (including) 2.1 (including)
Glibc Gnu 2.1.1 (including) 2.1.1 (including)
Glibc Gnu 2.1.1.6 (including) 2.1.1.6 (including)
Glibc Gnu 2.1.2 (including) 2.1.2 (including)
Glibc Gnu 2.1.3 (including) 2.1.3 (including)
Glibc Gnu 2.1.9 (including) 2.1.9 (including)
Glibc Gnu 2.10.1 (including) 2.10.1 (including)
Glibc Gnu 2.11 (including) 2.11 (including)
Glibc Gnu 2.11.1 (including) 2.11.1 (including)
Glibc Gnu 2.11.2 (including) 2.11.2 (including)
Glibc Gnu 2.11.3 (including) 2.11.3 (including)
Glibc Gnu 2.12.1 (including) 2.12.1 (including)
Glibc Gnu 2.12.2 (including) 2.12.2 (including)
Glibc Gnu 2.13 (including) 2.13 (including)
Glibc Gnu 2.14 (including) 2.14 (including)
Glibc Gnu 2.14.1 (including) 2.14.1 (including)
Glibc Gnu 2.15 (including) 2.15 (including)
Glibc Gnu 2.16 (including) 2.16 (including)
Eglibc Ubuntu precise *
Eglibc Ubuntu trusty *
Glibc Ubuntu upstream *
Glibc Ubuntu vivid *
Glibc Ubuntu vivid/stable-phone-overlay *
Glibc Ubuntu vivid/ubuntu-core *
Glibc Ubuntu wily *

References