Description
A certain Ubuntu build procedure for perf, as distributed in the Linux kernel packages in Ubuntu 10.04 LTS, 12.04 LTS, 12.10, 13.04, and 13.10, sets the HOME environment variable to the ~buildd directory and consequently reads the system configuration file from the ~buildd directory, which allows local users to gain privileges by leveraging control over the buildd account.
Analysis
No analysis available yet.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| n/a | n/a | affected |
|
Configuration 1 [-]
|
No data.
No data available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2013-1100 | A certain Ubuntu build procedure for perf, as distributed in the Linux kernel packages in Ubuntu 10.04 LTS, 12.04 LTS, 12.10, 13.04, and 13.10, sets the HOME environment variable to the ~buildd directory and consequently reads the system configuration file from the ~buildd directory, which allows local users to gain privileges by leveraging control over the buildd account. |
 Ubuntu USN |
USN-1938-1 | Linux kernel vulnerabilities |
| Ubuntu USN |
USN-1939-1 | Linux kernel vulnerabilities |
| Ubuntu USN |
USN-1940-1 | Linux kernel (EC2) vulnerabilities |
| Ubuntu USN |
USN-1941-1 | Linux kernel vulnerabilities |
| Ubuntu USN |
USN-1942-1 | Linux kernel (OMAP4) vulnerabilities |
| Ubuntu USN |
USN-1943-1 | Linux kernel (Raring HWE) vulnerabilities |
| Ubuntu USN |
USN-1944-1 | Linux kernel vulnerabilities |
| Ubuntu USN |
USN-1945-1 | Linux kernel (OMAP4) vulnerabilities |
| Ubuntu USN |
USN-1946-1 | Linux kernel (OMAP4) vulnerabilities |
| Ubuntu USN |
USN-1947-1 | Linux kernel (Quantal HWE) vulnerabilities |
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: canonical
Published:
Updated: 2024-08-06T14:49:20.427Z
Reserved: 2013-01-11T00:00:00.000Z
Link: CVE-2013-1060
Vulnrichment
No data.
NVD
Status : Modified
Published: 2013-09-25T10:31:26.817
Modified: 2026-04-29T01:13:23.040
Link: CVE-2013-1060
Redhat
No data.
OpenCVE Enrichment
No data.
Weaknesses