CVE-2013-1060 - OpenCVE

A certain Ubuntu build procedure for perf, as distributed in the Linux kernel packages in Ubuntu 10.04 LTS, 12.04 LTS, 12.10, 13.04, and 13.10, sets the HOME environment variable to the ~buildd directory and consequently reads the system configuration file from the ~buildd directory, which allows local users to gain privileges by leveraging control over the buildd account.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:L/AC:M/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Canonical	Ubuntu Linux

Configuration 1 [-]

OR	cpe:2.3:o:canonical:ubuntu_linux:10.04:-:lts:::::*
	cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:::::*
	cpe:2.3:o:canonical:ubuntu_linux:12.10:::::::*
	cpe:2.3:o:canonical:ubuntu_linux:13.04:::::::*
	cpe:2.3:o:canonical:ubuntu_linux:13.10:::::::*

No data.

References

Link	Providers
http://people.canonical.com/~ubuntu-security/cve/2013/CVE-2013-1060.html
http://www.ubuntu.com/usn/USN-1938-1
http://www.ubuntu.com/usn/USN-1939-1
http://www.ubuntu.com/usn/USN-1941-1
http://www.ubuntu.com/usn/USN-1942-1
http://www.ubuntu.com/usn/USN-1943-1
http://www.ubuntu.com/usn/USN-1944-1
http://www.ubuntu.com/usn/USN-1945-1
http://www.ubuntu.com/usn/USN-1946-1
http://www.ubuntu.com/usn/USN-1947-1
https://launchpad.net/bugs/1206200
https://lists.ubuntu.com/archives/kernel-team/2013-July/031248.html
https://lists.ubuntu.com/archives/kernel-team/2013-July/031249.html

History

No history.

MITRE

Status: PUBLISHED

Assigner: canonical

Published: 2013-09-25T10:00:00

Updated: 2024-08-06T14:49:20.427Z

Reserved: 2013-01-11T00:00:00

Link: CVE-2013-1060

Vulnrichment

No data.

NVD

Status : Modified

Published: 2013-09-25T10:31:26.817

Modified: 2013-10-02T04:23:42.707

Link: CVE-2013-1060

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2013-07-31T00:00:00", "descriptions": [{"lang": "en", "value": "A certain Ubuntu build procedure for perf, as distributed in the Linux kernel packages in Ubuntu 10.04 LTS, 12.04 LTS, 12.10, 13.04, and 13.10, sets the HOME environment variable to the ~buildd directory and consequently reads the system configuration file from the ~buildd directory, which allows local users to gain privileges by leveraging control over the buildd account."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2013-10-02T09:00:00", "orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "shortName": "canonical"}, "references": [{"name": "USN-1943-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-1943-1"}, {"name": "USN-1938-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-1938-1"}, {"name": "USN-1944-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-1944-1"}, {"name": "USN-1945-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-1945-1"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://launchpad.net/bugs/1206200"}, {"name": "[kernel-team] 20130731 [CVE-2013-1060] perf configuration file vunerability", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.ubuntu.com/archives/kernel-team/2013-July/031248.html"}, {"name": "USN-1939-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-1939-1"}, {"name": "[kernel-team] 20130731 [lucid CVE 1/1] UBUNTU: [Packaging] supply perf with appropriate prefix to ensure use of local config", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.ubuntu.com/archives/kernel-team/2013-July/031249.html"}, {"name": "USN-1947-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-1947-1"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://people.canonical.com/~ubuntu-security/cve/2013/CVE-2013-1060.html"}, {"name": "USN-1941-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-1941-1"}, {"name": "USN-1942-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-1942-1"}, {"name": "USN-1946-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-1946-1"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@ubuntu.com", "ID": "CVE-2013-1060", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A certain Ubuntu build procedure for perf, as distributed in the Linux kernel packages in Ubuntu 10.04 LTS, 12.04 LTS, 12.10, 13.04, and 13.10, sets the HOME environment variable to the ~buildd directory and consequently reads the system configuration file from the ~buildd directory, which allows local users to gain privileges by leveraging control over the buildd account."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "USN-1943-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-1943-1"}, {"name": "USN-1938-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-1938-1"}, {"name": "USN-1944-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-1944-1"}, {"name": "USN-1945-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-1945-1"}, {"name": "https://launchpad.net/bugs/1206200", "refsource": "CONFIRM", "url": "https://launchpad.net/bugs/1206200"}, {"name": "[kernel-team] 20130731 [CVE-2013-1060] perf configuration file vunerability", "refsource": "MLIST", "url": "https://lists.ubuntu.com/archives/kernel-team/2013-July/031248.html"}, {"name": "USN-1939-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-1939-1"}, {"name": "[kernel-team] 20130731 [lucid CVE 1/1] UBUNTU: [Packaging] supply perf with appropriate prefix to ensure use of local config", "refsource": "MLIST", "url": "https://lists.ubuntu.com/archives/kernel-team/2013-July/031249.html"}, {"name": "USN-1947-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-1947-1"}, {"name": "http://people.canonical.com/~ubuntu-security/cve/2013/CVE-2013-1060.html", "refsource": "CONFIRM", "url": "http://people.canonical.com/~ubuntu-security/cve/2013/CVE-2013-1060.html"}, {"name": "USN-1941-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-1941-1"}, {"name": "USN-1942-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-1942-1"}, {"name": "USN-1946-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-1946-1"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T14:49:20.427Z"}, "title": "CVE Program Container", "references": [{"name": "USN-1943-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-1943-1"}, {"name": "USN-1938-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-1938-1"}, {"name": "USN-1944-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-1944-1"}, {"name": "USN-1945-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-1945-1"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://launchpad.net/bugs/1206200"}, {"name": "[kernel-team] 20130731 [CVE-2013-1060] perf configuration file vunerability", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.ubuntu.com/archives/kernel-team/2013-July/031248.html"}, {"name": "USN-1939-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-1939-1"}, {"name": "[kernel-team] 20130731 [lucid CVE 1/1] UBUNTU: [Packaging] supply perf with appropriate prefix to ensure use of local config", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.ubuntu.com/archives/kernel-team/2013-July/031249.html"}, {"name": "USN-1947-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-1947-1"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://people.canonical.com/~ubuntu-security/cve/2013/CVE-2013-1060.html"}, {"name": "USN-1941-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-1941-1"}, {"name": "USN-1942-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-1942-1"}, {"name": "USN-1946-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-1946-1"}]}]}, "cveMetadata": {"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "assignerShortName": "canonical", "cveId": "CVE-2013-1060", "datePublished": "2013-09-25T10:00:00", "dateReserved": "2013-01-11T00:00:00", "dateUpdated": "2024-08-06T14:49:20.427Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:-:lts:*:*:*:*:*", "matchCriteriaId": "7118F616-25CA-4E34-AA13-4D14BB62419F", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*", "matchCriteriaId": "F5D324C4-97C7-49D3-A809-9EAD4B690C69", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*", "matchCriteriaId": "E2076871-2E80-4605-A470-A41C1A8EC7EE", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*", "matchCriteriaId": "EFAA48D9-BEB4-4E49-AD50-325C262D46D9", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*", "matchCriteriaId": "7F61F047-129C-41A6-8A27-FFCBB8563E91", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A certain Ubuntu build procedure for perf, as distributed in the Linux kernel packages in Ubuntu 10.04 LTS, 12.04 LTS, 12.10, 13.04, and 13.10, sets the HOME environment variable to the ~buildd directory and consequently reads the system configuration file from the ~buildd directory, which allows local users to gain privileges by leveraging control over the buildd account."}, {"lang": "es", "value": "Cierto procedimiento build de Ubuntu para perf, tal y como es distribuido en los paquetes del kernel Linux en Ubuntu 10.04 LTS, 12.04 LTS, 12.10, 13.04, y 13.10, establece la variable de entorno HOME al directorio ~buildd y consecuentemente lee el fichero de configuraci\u00f3n del sistema del directorio ~buildd, lo cual permite a usuarios locales obtener privilegios aprovechando el control sobre la cuenta buildd."}], "id": "CVE-2013-1060", "lastModified": "2013-10-02T04:23:42.707", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.9, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2013-09-25T10:31:26.817", "references": [{"source": "security@ubuntu.com", "tags": ["Vendor Advisory"], "url": "http://people.canonical.com/~ubuntu-security/cve/2013/CVE-2013-1060.html"}, {"source": "security@ubuntu.com", "url": "http://www.ubuntu.com/usn/USN-1938-1"}, {"source": "security@ubuntu.com", "url": "http://www.ubuntu.com/usn/USN-1939-1"}, {"source": "security@ubuntu.com", "url": "http://www.ubuntu.com/usn/USN-1941-1"}, {"source": "security@ubuntu.com", "url": "http://www.ubuntu.com/usn/USN-1942-1"}, {"source": "security@ubuntu.com", "url": "http://www.ubuntu.com/usn/USN-1943-1"}, {"source": "security@ubuntu.com", "url": "http://www.ubuntu.com/usn/USN-1944-1"}, {"source": "security@ubuntu.com", "url": "http://www.ubuntu.com/usn/USN-1945-1"}, {"source": "security@ubuntu.com", "url": "http://www.ubuntu.com/usn/USN-1946-1"}, {"source": "security@ubuntu.com", "url": "http://www.ubuntu.com/usn/USN-1947-1"}, {"source": "security@ubuntu.com", "url": "https://launchpad.net/bugs/1206200"}, {"source": "security@ubuntu.com", "url": "https://lists.ubuntu.com/archives/kernel-team/2013-July/031248.html"}, {"source": "security@ubuntu.com", "url": "https://lists.ubuntu.com/archives/kernel-team/2013-July/031249.html"}], "sourceIdentifier": "security@ubuntu.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}