Bypassing /proc/sys/net Restrictions in Linux Kernel

CVE-2013-4270 · LOW Severity

AV:L/AC:L/Au:N/C:P/I:P/A:N

The net_ctl_permissions function in net/sysctl_net.c in the Linux kernel before 3.11.5 does not properly determine uid and gid values, which allows local users to bypass intended /proc/sys/net restrictions via a crafted application.