Linux kernel __sock_diag_rcv_msg Netlink message privilege elevation
Added: 05/13/2014
CVE: CVE-2013-1763
BID: 58137
OSVDB: 90604
Background
Netlink is a feature of the Linux kernel which allows communication between kernel and user space.
Problem
An array index error in the __sock_diag_rcv_msg function in the Linux kernel allows local users to gain root privileges by sending a Netlink message with a large family value.
Resolution
Upgrade to Linux kernel 3.7.10 or higher or install the appropriate package update from the operating system vendor.
References
http://seclists.org/oss-sec/2013/q1/420
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.7.10
Limitations
Exploit works on Ubuntu or Fedora and requires an existing unprivileged shell connection to the target.
Platforms
Linux
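The array index error described under Problem comes down to a caller-supplied family value being used as a table index without a range check. The following is an added example, not kernel code and not part of the original advisory: a userspace C model of a handler dispatch with that check in place. It assumes a byte-wide family field and a table with one slot per address family; MODEL_AF_MAX, diag_req, diag_handler and dispatch_checked are hypothetical names made up for this sketch.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Userspace model only. MODEL_AF_MAX stands in for the kernel's AF_MAX;
 * the value 40 is an assumption made for this example. */
#define MODEL_AF_MAX 40

struct diag_req { uint8_t sdiag_family; uint8_t sdiag_protocol; };
struct diag_handler { uint8_t family; int (*dump)(const struct diag_req *req); };

static int demo_dump(const struct diag_req *req) { return req->sdiag_family; }
static const struct diag_handler inet_handler = { 2, demo_dump };

/* One slot per address family; unregistered families stay NULL. */
static const struct diag_handler *handlers[MODEL_AF_MAX] = { [2] = &inet_handler };

/* The family byte comes from the caller's message, so it is range-checked
 * before being used as an index. Without the >= test, values from
 * MODEL_AF_MAX to 255 would load a "handler" pointer from whatever memory
 * follows the table, and its dump member would then be called. */
int dispatch_checked(const struct diag_req *req)
{
    if (req == NULL || req->sdiag_family >= MODEL_AF_MAX)
        return -EINVAL;
    const struct diag_handler *h = handlers[req->sdiag_family];
    if (h == NULL)
        return -ENOENT;
    return h->dump(req);
}

int main(void)
{
    /* Constructed sample family values: registered, empty, edge, out of range. */
    const uint8_t families[] = { 2, 3, 39, 40, 200 };
    for (size_t i = 0; i < sizeof families / sizeof families[0]; i++) {
        struct diag_req req = { families[i], 0 };
        printf("family %3u -> %d\n", (unsigned)families[i], dispatch_checked(&req));
    }
    return 0;
}
```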