CVE-2019-13272
HIGH
7,8
Source: [email protected]
Attack Vector: local
Attack Complexity: low
Privileges Required: low
User Interaction: none
Scope: unchanged
Confidentiality: high
Integrity: high
Availability: high
HIGH
7,2
Source: [email protected]
Access Vector: local
Access Complexity: low
Authentication: none
Confidentiality: complete
Integrity: complete
Availability: complete
Description
AI Translation Available
In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process relationship, where a parent drops privileges and calls execve (potentially allowing control by an attacker). One contributing factor is an object lifetime issue (which can also cause a panic). Another contributing factor is incorrect marking of a ptrace relationship as privileged, which is exploitable through (for example) Polkit's pkexec helper with PTRACE_TRACEME. NOTE: SELinux deny_ptrace might be a usable workaround in some environments.
EPSS (Exploit Prediction Scoring System)
Trend Analysis
EPSS (Exploit Prediction Scoring System)
Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.
EPSS Score
0,7926
Percentile
1,0th
Updated
EPSS Score Trend (Last 90 Days)
Exploit
Linux - Broken Permission and Object Lifetime Handling …
Verified LocalLinux - Broken Permission and Object Lifetime Handling for PTRACE_TRACEME
View Exploit Code →
Exploit
Linux Kernel 4.10 < 5.1.17 - 'PTRACE_TRACEME' pkexec …
Linux Kernel 4.10 < 5.1.17 - 'PTRACE_TRACEME' pkexec Local Privilege Escalation
View Exploit Code →
Exploit
Linux Polkit - pkexec helper PTRACE_TRACEME local root …
Verified Metasploit Framework (MSF)Linux Polkit - pkexec helper PTRACE_TRACEME local root (Metasploit)
View Exploit Code →
Exploit
Linux Kernel 5.1.x - 'PTRACE_TRACEME' pkexec Local Privilege …
Linux Kernel 5.1.x - 'PTRACE_TRACEME' pkexec Local Privilege Escalation (2)
View Exploit Code →
Operating System
Linux Kernel by Linux
Version Range Affected
From
4.10
(inclusive)
To
4.14.133
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Debian Linux by Debian
CPE Identifier
View Detailed Analysis
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Enterprise Linux by Redhat
CPE Identifier
View Detailed Analysis
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Service Processor by Netapp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:netapp:service_processor:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Linux Kernel by Linux
Version Range Affected
From
4.4.40
(inclusive)
To
4.4.185
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Enterprise Linux For Ibm Z Systems by Redhat
CPE Identifier
View Detailed Analysis
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.0_s390x:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
H410C Firmware by Netapp
CPE Identifier
View Detailed Analysis
cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
E-Series Performance Analyzer by Netapp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:netapp:e-series_performance_analyzer:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Active Iq Unified Manager by Netapp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Linux Kernel by Linux
Version Range Affected
From
4.8.16
(inclusive)
To
4.9
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Enterprise Linux For Real Time Tus by Redhat
CPE Identifier
View Detailed Analysis
cpe:2.3:o:redhat:enterprise_linux_for_real_time_tus:8.8:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Enterprise Linux For Real Time For Nfv Tus by Redhat
CPE Identifier
View Detailed Analysis
cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_tus:8.6:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Linux Kernel by Linux
Version Range Affected
From
4.20
(inclusive)
To
5.1.17
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Enterprise Linux For Real Time For Nfv Tus by Redhat
CPE Identifier
View Detailed Analysis
cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_tus:8.2:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Enterprise Linux For Real Time For Nfv by Redhat
CPE Identifier
View Detailed Analysis
cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:8.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Ubuntu Linux by Canonical
CPE Identifier
View Detailed Analysis
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Linux Kernel by Linux
Version Range Affected
From
4.9.1
(inclusive)
To
4.9.185
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Aff A700S Firmware by Netapp
CPE Identifier
View Detailed Analysis
cpe:2.3:o:netapp:aff_a700s_firmware:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Hci Management Node by Netapp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Solidfire by Netapp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Enterprise Linux For Arm 64 by Redhat
CPE Identifier
View Detailed Analysis
cpe:2.3:o:redhat:enterprise_linux_for_arm_64:7.0_aarch64:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Linux Kernel by Linux
Version Range Affected
From
3.16.52
(inclusive)
To
3.16.71
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Hardware
Hci Compute Node by Netapp
CPE Identifier
View Detailed Analysis
cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Ubuntu Linux by Canonical
CPE Identifier
View Detailed Analysis
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:esm:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Enterprise Linux For Real Time For Nfv Tus by Redhat
CPE Identifier
View Detailed Analysis
cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_tus:8.4:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Enterprise Linux For Real Time Tus by Redhat
CPE Identifier
View Detailed Analysis
cpe:2.3:o:redhat:enterprise_linux_for_real_time_tus:8.2:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
E-Series Santricity Os Controller by Netapp
Version Range Affected
From
11.0.0
(inclusive)
To
11.60.3
(inclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Debian Linux by Debian
CPE Identifier
View Detailed Analysis
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Enterprise Linux For Real Time Tus by Redhat
CPE Identifier
View Detailed Analysis
cpe:2.3:o:redhat:enterprise_linux_for_real_time_tus:8.4:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Enterprise Linux For Real Time by Redhat
CPE Identifier
View Detailed Analysis
cpe:2.3:o:redhat:enterprise_linux_for_real_time:8:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Enterprise Linux For Real Time Tus by Redhat
CPE Identifier
View Detailed Analysis
cpe:2.3:o:redhat:enterprise_linux_for_real_time_tus:8.6:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Linux Kernel by Linux
Version Range Affected
From
4.1.39
(inclusive)
To
4.2
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Ubuntu Linux by Canonical
CPE Identifier
View Detailed Analysis
cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Fedora by Fedoraproject
CPE Identifier
View Detailed Analysis
cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Debian Linux by Debian
CPE Identifier
View Detailed Analysis
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Enterprise Linux For Real Time For Nfv Tus by Redhat
CPE Identifier
View Detailed Analysis
cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_tus:8.8:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Steelstore Cloud Integrated Storage by Netapp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Enterprise Linux by Redhat
CPE Identifier
View Detailed Analysis
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Linux Kernel by Linux
Version Range Affected
From
4.15
(inclusive)
To
4.19.58
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
H610S Firmware by Netapp
CPE Identifier
View Detailed Analysis
cpe:2.3:o:netapp:h610s_firmware:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019…
http://packetstormsecurity.com/files/153663/Linux-PTRACE_TRACEME-Broken-Permiss…
http://packetstormsecurity.com/files/153702/Slackware-Security-Advisory-Slackwa…
http://packetstormsecurity.com/files/154245/Kernel-Live-Patch-Security-Notice-L…
http://packetstormsecurity.com/files/154957/Linux-Polkit-pkexec-Helper-PTRACE_T…
http://packetstormsecurity.com/files/156929/Linux-PTRACE_TRACEME-Local-Root.html
http://packetstormsecurity.com/files/165051/Linux-Kernel-5.1.x-PTRACE_TRACEME-p…
https://access.redhat.com/errata/RHSA-2019:2405
https://access.redhat.com/errata/RHSA-2019:2411
https://access.redhat.com/errata/RHSA-2019:2809
https://bugs.chromium.org/p/project-zero/issues/detail?id=1903
https://bugzilla.redhat.com/show_bug.cgi?id=1730895
https://bugzilla.suse.com/show_bug.cgi?id=1140671
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1.17
https://github.com/torvalds/linux/commit/6994eefb0053799d2e07cd140df6c2ea106c41…
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6994…
https://lists.debian.org/debian-lts-announce/2019/07/msg00022.html
https://lists.debian.org/debian-lts-announce/2019/07/msg00023.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapr…
https://seclists.org/bugtraq/2019/Jul/30
https://seclists.org/bugtraq/2019/Jul/33
https://security.netapp.com/advisory/ntap-20190806-0001/
https://support.f5.com/csp/article/K91025336
https://support.f5.com/csp/article/K91025336?utm_source=f5support&%3Butm_med…
https://usn.ubuntu.com/4093-1/
https://usn.ubuntu.com/4094-1/
https://usn.ubuntu.com/4095-1/
https://usn.ubuntu.com/4117-1/
https://usn.ubuntu.com/4118-1/
https://www.debian.org/security/2019/dsa-4484
http://packetstormsecurity.com/files/153663/Linux-PTRACE_TRACEME-Broken-Permiss…
http://packetstormsecurity.com/files/153702/Slackware-Security-Advisory-Slackwa…
http://packetstormsecurity.com/files/154245/Kernel-Live-Patch-Security-Notice-L…
http://packetstormsecurity.com/files/154957/Linux-Polkit-pkexec-Helper-PTRACE_T…
http://packetstormsecurity.com/files/156929/Linux-PTRACE_TRACEME-Local-Root.html
http://packetstormsecurity.com/files/165051/Linux-Kernel-5.1.x-PTRACE_TRACEME-p…
https://access.redhat.com/errata/RHSA-2019:2405
https://access.redhat.com/errata/RHSA-2019:2411
https://access.redhat.com/errata/RHSA-2019:2809
https://bugs.chromium.org/p/project-zero/issues/detail?id=1903
https://bugzilla.redhat.com/show_bug.cgi?id=1730895
https://bugzilla.suse.com/show_bug.cgi?id=1140671
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1.17
https://github.com/torvalds/linux/commit/6994eefb0053799d2e07cd140df6c2ea106c41…
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6994…
https://lists.debian.org/debian-lts-announce/2019/07/msg00022.html
https://lists.debian.org/debian-lts-announce/2019/07/msg00023.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapr…
https://seclists.org/bugtraq/2019/Jul/30
https://seclists.org/bugtraq/2019/Jul/33
https://security.netapp.com/advisory/ntap-20190806-0001/
https://support.f5.com/csp/article/K91025336
https://support.f5.com/csp/article/K91025336?utm_source=f5support&%3Butm_med…
https://usn.ubuntu.com/4093-1/
https://usn.ubuntu.com/4094-1/
https://usn.ubuntu.com/4095-1/
https://usn.ubuntu.com/4117-1/
https://usn.ubuntu.com/4118-1/
https://www.debian.org/security/2019/dsa-4484