Launchpad CVE tracker

CVE 2013-2207

pt_chown in GNU C Library (aka glibc or libc6) before 2.18 does not properly check permissions for tty files, which allows local users to change the permission on the files and obtain access to arbitrary pseudo-terminals by leveraging a FUSE file system.

Related bugs and status

CVE-2013-2207 (Candidate) is related to these bugs:

Bug #997096: nscd segmentation fault

Summary				In	Importance	Status
	997096	nscd segmentation fault		eglibc (Ubuntu)	Undecided	Incomplete
	997096	nscd segmentation fault		eglibc (openSUSE)	Low	Fix Released

Bug #1546457: libc6 2.15-0ubuntu10.13 doesn't mark reboot-required

		In	Importance	Status
1546457	libc6 2.15-0ubuntu10.13 doesn't mark reboot-required	glibc (Ubuntu)	High	Fix Released
1546457	libc6 2.15-0ubuntu10.13 doesn't mark reboot-required	eglibc (Ubuntu Precise)	High	Fix Released
1546457	libc6 2.15-0ubuntu10.13 doesn't mark reboot-required	eglibc (Ubuntu Trusty)	High	Fix Released
1546457	libc6 2.15-0ubuntu10.13 doesn't mark reboot-required	glibc (Ubuntu Wily)	High	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2013-2207

References