First published: Tue Jul 16 2019(Updated: )
A flaw in the kernels implementation of ptrace which could inadvertantly grant elevated permissions to an attacker who could abuse the relationship between tracer and the process being traced. The mechanism used to link the process requesting the ptrace and the process being ptraced could allow a local user to obtain root level priviledges by creating an opportunity to abuse the frequently used pattern of dropping privileges and then execve a child with reduced privileges/permissions. References: <a href="https://bugs.chromium.org/p/project-zero/issues/detail?id=1903">https://bugs.chromium.org/p/project-zero/issues/detail?id=1903</a> <a href="https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1.17">https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1.17</a> <a href="https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6994eefb0053799d2e07cd140df6c2ea106c41ee">https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6994eefb0053799d2e07cd140df6c2ea106c41ee</a> <a href="https://github.com/torvalds/linux/commit/6994eefb0053799d2e07cd140df6c2ea106c41ee">https://github.com/torvalds/linux/commit/6994eefb0053799d2e07cd140df6c2ea106c41ee</a>
Credit: cve@mitre.org cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/kernel-alt | <0:4.14.0-115.12.1.el7a | 0:4.14.0-115.12.1.el7a |
redhat/kernel-rt | <0:4.18.0-80.7.2.rt9.154.el8_0 | 0:4.18.0-80.7.2.rt9.154.el8_0 |
redhat/kernel | <0:4.18.0-80.7.2.el8_0 | 0:4.18.0-80.7.2.el8_0 |
redhat/kernel | <5.1.17 | 5.1.17 |
Red Hat Kernel-devel | ||
Linux Kernel | >=3.16.52<3.16.71 | |
Linux Kernel | >=4.1.39<4.2 | |
Linux Kernel | >=4.4.40<4.4.185 | |
Linux Kernel | >=4.8.16<4.9 | |
Linux Kernel | >=4.9.1<4.9.185 | |
Linux Kernel | >=4.10<4.14.133 | |
Linux Kernel | >=4.15<4.19.58 | |
Linux Kernel | >=4.20<5.1.17 | |
Debian Linux | =8.0 | |
Debian Linux | =9.0 | |
Debian Linux | =10.0 | |
Red Hat Fedora | =29 | |
Ubuntu | =16.04 | |
Ubuntu | =18.04 | |
Ubuntu | =19.04 | |
Red Hat Enterprise Linux | =7.0 | |
Red Hat Enterprise Linux | =8.0 | |
Red Hat Enterprise Linux for Real Time | =8 | |
NetApp A700 Firmware | ||
NetApp AFF A700s Firmware | ||
NetApp H410C | ||
NetApp H410C Firmware | ||
NetApp HCI H610S Firmware | ||
NetApp H610S Firmware | ||
NetApp Active IQ Unified Manager for VMware vSphere | ||
NetApp E-Series Performance Analyzer | ||
NetApp E-Series SANtricity OS Controller | >=11.0.0<=11.60.3 | |
NetApp SolidFire & HCI Management Node | ||
NetApp Service Processor | ||
NetApp SolidFire & HCI Storage Node | ||
NetApp SteelStore Cloud Integrated Storage | ||
NetApp HCI Compute Node | ||
Ubuntu | =18.04 | |
Red Hat Enterprise Linux | =7.0_aarch64 | |
Red Hat Enterprise Linux for IBM Z Systems | =7.0_s390x | |
Red Hat Enterprise Linux for Real Time for NFV | =8.0 | |
Red Hat Enterprise Linux for Real Time for NFV | =8.2 | |
Red Hat Enterprise Linux for Real Time for NFV | =8.4 | |
Red Hat Enterprise Linux for Real Time for NFV | =8.6 | |
Red Hat Enterprise Linux for Real Time for NFV | =8.8 | |
Red Hat Enterprise Linux for Real Time | =8.2 | |
Red Hat Enterprise Linux for Real Time | =8.4 | |
Red Hat Enterprise Linux for Real Time | =8.6 | |
Red Hat Enterprise Linux for Real Time | =8.8 | |
All of | ||
NetApp A700 Firmware | ||
NetApp AFF A700s Firmware | ||
All of | ||
NetApp H410C | ||
NetApp H410C Firmware | ||
All of | ||
NetApp HCI H610S Firmware | ||
NetApp H610S Firmware | ||
debian/linux | 5.10.223-1 5.10.234-1 6.1.129-1 6.1.128-1 6.12.20-1 6.12.21-1 |
For mitigation, please refer to the Red Hat Knowledgebase article: https://access.redhat.com/articles/4292201
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Appears in the following advisories)
CVE-2019-13272 is classified with medium severity due to its potential to grant elevated permissions to attackers.
To mitigate CVE-2019-13272, it is recommended to update the kernel to versions 5.1.17 or later, or the specific versions 0:4.14.0-115.12.1.el7a and 0:4.18.0-80.7.2.el8_0.
CVE-2019-13272 affects various Linux kernel versions including RHEL, Ubuntu, Debian, and Fedora releases as detailed in the vulnerability report.
The exploit vector for CVE-2019-13272 involves a flaw in the ptrace implementation that can be abused by a malicious process observing another process.
Yes, official patches addressing CVE-2019-13272 have been released and are included in the latest kernel updates.