CVE-2019-13272

Published: Jul 17, 2019Modified: Nov 6, 2025CISA KEV

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process relationship, where a parent drops privileges and calls execve (potentially allowing control by an attacker). One contributing factor is an object lifetime issue (which can also cause a panic). Another contributing factor is incorrect marking of a ptrace relationship as privileged, which is exploitable through (for example) Polkit's pkexec helper with PTRACE_TRACEME. NOTE: SELinux deny_ptrace might be a usable workaround in some environments.

Affected (40)

Products: Linux: Linux Kernel · Debian: Debian Linux · Fedoraproject: Fedora · +3 more

Show all products

1 product

1 product

1 product

1 product

7 products

Enterprise Linux For Arm 64

Enterprise Linux For Ibm Z Systems

Enterprise Linux For Real Time

Enterprise Linux For Real Time For Nfv

Enterprise Linux For Real Time For Nfv Tus

Enterprise Linux For Real Time Tus

11 products

Active Iq Unified Manager

E Series Performance Analyzer

E Series Santricity Os Controller

Steelstore Cloud Integrated Storage

Configuration A

8 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	From 3.16.52 to 3.16.71
Linux Linux Kernel	From 4.1.39 to 4.2
Linux Linux Kernel	From 4.10 to 4.14.133
Linux Linux Kernel	From 4.15 to 4.19.58
Linux Linux Kernel	From 4.20 to 5.1.17
Linux Linux Kernel	From 4.4.40 to 4.4.185
Linux Linux Kernel	From 4.8.16 to 4.9
Linux Linux Kernel	From 4.9.1 to 4.9.185

Configuration B

3 vulnerable

Vulnerable Software	Affected Versions
Debian Debian Linux	Version 10.0
Debian Debian Linux	Version 8.0
Debian Debian Linux	Version 9.0

Configuration C

1 vulnerable

Vulnerable Software	Affected Versions
Fedoraproject Fedora	Version 29

Configuration D

3 vulnerable

Vulnerable Software	Affected Versions
Canonical Ubuntu Linux	Version 16.04
Canonical Ubuntu Linux	Version 18.04
Canonical Ubuntu Linux	Version 19.04

Configuration E

14 vulnerable

Vulnerable Software	Affected Versions
Redhat Enterprise Linux	Version 7.0
Redhat Enterprise Linux	Version 8.0
Redhat Enterprise Linux For Arm 64	Version 7.0_aarch64
Redhat Enterprise Linux For Ibm Z Systems	Version 7.0_s390x
Redhat Enterprise Linux For Real Time	Version 8
Redhat Enterprise Linux For Real Time For Nfv	Version 8.0
Redhat Enterprise Linux For Real Time For Nfv Tus	Version 8.2
Redhat Enterprise Linux For Real Time For Nfv Tus	Version 8.4
Redhat Enterprise Linux For Real Time For Nfv Tus	Version 8.6
Redhat Enterprise Linux For Real Time For Nfv Tus	Version 8.8
Redhat Enterprise Linux For Real Time Tus	Version 8.2
Redhat Enterprise Linux For Real Time Tus	Version 8.4
Redhat Enterprise Linux For Real Time Tus	Version 8.6
Redhat Enterprise Linux For Real Time Tus	Version 8.8

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netapp Aff A700s Firmware	All versions

Running on/with	Platform Versions
Netapp Aff A700s	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netapp H410c Firmware	All versions

Running on/with	Platform Versions
Netapp H410c	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netapp H610s Firmware	All versions

Running on/with	Platform Versions
Netapp H610s	All versions

Configuration I

8 vulnerable

Vulnerable Software	Affected Versions
Netapp Active Iq Unified Manager	All versions
Netapp E Series Performance Analyzer	All versions
Netapp E Series Santricity Os Controller	From 11.0.0 to 11.60.3
Netapp Hci Compute Node	All versions
Netapp Hci Management Node	All versions
Netapp Service Processor	All versions
Netapp Solidfire	All versions
Netapp Steelstore Cloud Integrated Storage	All versions

References (59)

http://packetstormsecurity.com/files/153663/Linux-PTRACE_TRACEME-Broken-Permission-Object-Lifetime-Handling.html

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

http://packetstormsecurity.com/files/153702/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

http://packetstormsecurity.com/files/154245/Kernel-Live-Patch-Security-Notice-LSN-0054-1.html

Source: cve@mitre.org

ExploitThird Party AdvisoryVDB Entry

http://packetstormsecurity.com/files/154957/Linux-Polkit-pkexec-Helper-PTRACE_TRACEME-Local-Root.html

Source: cve@mitre.org

ExploitThird Party AdvisoryVDB Entry

http://packetstormsecurity.com/files/156929/Linux-PTRACE_TRACEME-Local-Root.html

Source: cve@mitre.org

ExploitThird Party AdvisoryVDB Entry

http://packetstormsecurity.com/files/165051/Linux-Kernel-5.1.x-PTRACE_TRACEME-pkexec-Local-Privilege-Escalation.html

Source: cve@mitre.org

ExploitThird Party AdvisoryVDB Entry

https://access.redhat.com/errata/RHSA-2019:2405

Source: cve@mitre.org

Third Party Advisory

https://access.redhat.com/errata/RHSA-2019:2411

Source: cve@mitre.org

Third Party Advisory

https://access.redhat.com/errata/RHSA-2019:2809

Source: cve@mitre.org

Third Party Advisory

https://bugs.chromium.org/p/project-zero/issues/detail?id=1903

Source: cve@mitre.org

ExploitIssue TrackingPatchThird Party Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=1730895

Source: cve@mitre.org

Issue TrackingPatch

https://bugzilla.suse.com/show_bug.cgi?id=1140671

Source: cve@mitre.org

Issue TrackingPatchThird Party Advisory

https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1.17

Source: cve@mitre.org

PatchVendor Advisory

https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6994eefb0053799d2e07cd140df6c2ea106c41ee

Source: cve@mitre.org

PatchVendor Advisory

https://github.com/torvalds/linux/commit/6994eefb0053799d2e07cd140df6c2ea106c41ee

Source: cve@mitre.org

Patch

https://lists.debian.org/debian-lts-announce/2019/07/msg00022.html

Source: cve@mitre.org

Mailing ListThird Party Advisory

https://lists.debian.org/debian-lts-announce/2019/07/msg00023.html

Source: cve@mitre.org

Mailing ListThird Party Advisory

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OGRK5LYWBJ4E4SRI4DKX367NHYSI3VOH/

Source: cve@mitre.org

Release Notes

https://seclists.org/bugtraq/2019/Jul/30

Source: cve@mitre.org

Issue TrackingMailing ListThird Party Advisory

https://seclists.org/bugtraq/2019/Jul/33

Source: cve@mitre.org

Issue TrackingMailing ListThird Party Advisory

https://security.netapp.com/advisory/ntap-20190806-0001/

Source: cve@mitre.org

Third Party Advisory

https://support.f5.com/csp/article/K91025336

Source: cve@mitre.org

Third Party Advisory

https://support.f5.com/csp/article/K91025336?utm_source=f5support&amp%3Butm_medium=RSS

Source: cve@mitre.org

Third Party Advisory

https://usn.ubuntu.com/4093-1/

Source: cve@mitre.org

Third Party Advisory

https://usn.ubuntu.com/4094-1/

Source: cve@mitre.org

Third Party Advisory

https://usn.ubuntu.com/4095-1/

Source: cve@mitre.org

Third Party Advisory

https://usn.ubuntu.com/4117-1/

Source: cve@mitre.org

Third Party Advisory

https://usn.ubuntu.com/4118-1/

Source: cve@mitre.org

Third Party Advisory

https://www.debian.org/security/2019/dsa-4484

Source: cve@mitre.org

Third Party Advisory

http://packetstormsecurity.com/files/153663/Linux-PTRACE_TRACEME-Broken-Permission-Object-Lifetime-Handling.html