First published: Fri Nov 08 2019(Updated: )
tuned before 2.x allows local users to kill running processes due to insecure permissions with tuned's ktune service.
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Redhat Tuned | <2.0.2 | |
Fedoraproject Fedora | =17 | |
debian/tuned | 2.15.0-1 2.20.0-1 2.22.1-1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this issue is CVE-2013-1820.
The severity of CVE-2013-1820 is medium with a CVSS score of 5.5.
tuned versions before 2.x, specifically versions 2.10.0-1, 2.15.0-1, and 2.20.0-1 on Debian Linux, Red Hat Tuned before version 2.0.2, and Fedora 17.
Local users can exploit CVE-2013-1820 by killing running processes due to insecure permissions with tuned's ktune service.
Yes, there are the following references for CVE-2013-1820: [Debian Security Tracker](https://security-tracker.debian.org/tracker/CVE-2013-1820), [Red Hat Bugzilla - CVE-2013-1820](https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-1820), [Red Hat Bugzilla - 918233](https://bugzilla.redhat.com/show_bug.cgi?id=918233).