Bug 806351

Summary: CVE-2013-1763 local root exploit
Product: [openSUSE] openSUSE 12.2
Reporter: Arseniy Lartsev <arseniy>
Component: Kernel
Assignee: E-mail List <kernel-maintainers>
Status: RESOLVED DUPLICATE
QA Contact: E-mail List <qa-bugs>
Severity: Normal
Priority: P5 - None
Version: Final
Target Milestone: ---
Hardware: x86
OS: openSUSE 12.2
Whiteboard:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Description Arseniy Lartsev 2013-02-26 21:18:59 UTC
User-Agent:       Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20100101 Firefox/17.0

An unprivileged user can send a netlink message resulting in an
out-of-bounds access of the sock_diag_handlers[] array which, in turn,
allows userland to take over control while in kernel mode.

Patch is available at http://thread.gmane.org/gmane.linux.network/260061

Exploit is also available ;) Tested on openSUSE 12.2 with latest updates installed. 12.3 should be affected as well.


Reproducible: Always
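
The bug class described in the report above, as an added example (a reduced user-space model, not kernel code and not the linked patch): a handler table indexed by a family byte taken from an untrusted message, with the length and bounds checks done before the lookup. All `model_*` names, `inet_dump` and the `MODEL_AF_MAX` value are hypothetical stand-ins.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define MODEL_AF_MAX 40   /* constructed stand-in for the kernel's AF_MAX */

/* Hypothetical, reduced request and handler types for this model. */
struct model_diag_req { uint8_t sdiag_family; uint8_t sdiag_protocol; };
struct model_diag_handler {
    uint8_t family;
    int (*dump)(const struct model_diag_req *req);
};

/* Model of the per-family handler table (sock_diag_handlers[] in the report). */
static const struct model_diag_handler *model_handlers[MODEL_AF_MAX];

static int inet_dump(const struct model_diag_req *req) { return req->sdiag_protocol; }
static const struct model_diag_handler inet_handler = { 2 /* AF_INET */, inet_dump };

int model_register(const struct model_diag_handler *h)
{
    if (h->family >= MODEL_AF_MAX) return -EINVAL;  /* never store out of range */
    if (model_handlers[h->family]) return -EBUSY;
    model_handlers[h->family] = h;
    return 0;
}

/* Dispatch an untrusted message: validate before the array is touched. */
int model_rcv_msg(const void *payload, size_t len)
{
    const struct model_diag_req *req = payload;
    const struct model_diag_handler *h;

    if (len < sizeof(*req)) return -EINVAL;          /* truncated message */
    /* Without this check an 8-bit family (0..255) indexes past the table
     * and whatever lies there is used as a handler pointer. */
    if (req->sdiag_family >= MODEL_AF_MAX) return -EINVAL;
    h = model_handlers[req->sdiag_family];
    if (h == NULL) return -ENOENT;                   /* no handler registered */
    return h->dump(req);
}

int main(void)
{
    struct model_diag_req ok = { 2, 6 }, oob = { 200, 0 };  /* constructed inputs */
    model_register(&inet_handler);
    printf("in range: %d\n", model_rcv_msg(&ok, sizeof(ok)));
    printf("out of range: %d\n", model_rcv_msg(&oob, sizeof(oob)));
    return 0;
}
```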
Comment 1 Marcus Meissner 2013-02-27 08:04:25 UTC
Thanks for the heads up! Tracked in bug 805633.

*** This bug has been marked as a duplicate of bug 805633 ***