HIGH🚩 CISA KEV⚡ EXPLOIT✓ PATCH🇵🇱 Wersja polska

CVE-2019-13272

CVSS 7.8v3.1pub. 2019-07-17upd. 2025-11-06

In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process relationship, where a parent drops privileges and calls execve (potentially allowing control by an attacker). One contributing factor is an object lifetime issue (which can also cause a panic). Another contributing factor is incorrect marking of a ptrace relationship as privileged, which is exploitable through (for example) Polkit's pkexec helper with PTRACE_TRACEME. NOTE: SELinux deny_ptrace might be a usable workaround in some environments.

CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • Canonical Ubuntu

    OS
    Canonical
    16.0418.0419.04
  • Debian

    OS
    Debian
    10.08.09.0
  • Fedora Project Fedora

    OS
    Fedoraproject
    29
  • Linux Kernel

    OS
    Linux
    4.20 – 5.1.17 (bez)3.16.52 – 3.16.71 (bez)4.1.39 – 4.2 (bez)4.4.40 – 4.4.185 (bez)4.8.16 – 4.9 (bez)4.9.1 – 4.9.185 (bez)4.10 – 4.14.133 (bez)4.15 – 4.19.58 (bez)
  • Netapp Active Iq Unified Manager

    APP
    Netapp
    wszystkie wersje
  • Netapp Aff A700s

    HW
    Netapp
    wszystkie wersje
  • Netapp Aff A700s Firmware

    OS
    Netapp
    wszystkie wersje
  • Netapp E Series Performance Analyzer

    APP
    Netapp
    wszystkie wersje
  • Netapp E Series Santricity Os Controller

    APP
    Netapp
    11.0.0 – 11.60.3
  • Netapp H410c

    HW
    Netapp
    wszystkie wersje
  • Netapp H410c Firmware

    OS
    Netapp
    wszystkie wersje
  • Netapp H610s

    HW
    Netapp
    wszystkie wersje
  • Netapp H610s Firmware

    OS
    Netapp
    wszystkie wersje
  • Netapp Hci Compute Node

    HW
    Netapp
    wszystkie wersje
  • Netapp Hci Management Node

    APP
    Netapp
    wszystkie wersje
  • Netapp Service Processor

    APP
    Netapp
    wszystkie wersje
  • Netapp Solidfire

    APP
    Netapp
    wszystkie wersje
  • Netapp Steelstore Cloud Integrated Storage

    APP
    Netapp
    wszystkie wersje
  • Red Hat Enterprise Linux

    OS
    Redhat
    7.08.0
  • Red Hat Enterprise Linux For Arm 64

    OS
    Redhat
    7.0_aarch64
  • Red Hat Enterprise Linux For IBM Z Systems

    OS
    Redhat
    7.0_s390x
  • Red Hat Enterprise Linux For Real Time

    OS
    Redhat
    8
  • Red Hat Enterprise Linux For Real Time For Nfv

    OS
    Redhat
    8.0
  • Red Hat Enterprise Linux For Real Time For Nfv Tus

    OS
    Redhat
    8.28.48.68.8
  • Red Hat Enterprise Linux For Real Time Tus

    OS
    Redhat
    8.28.48.68.8

CISA KEV — detailsi

Vendori
Linux
Producti
Kernel
Added to KEVi
December 10, 2021
Remediation deadline (US Federal)i
June 10, 2022(overdue)
Required action (CISA)i

Apply updates per vendor instructions.

CISA descriptioni

Kernel/ptrace.c in Linux kernel mishandles contains an improper privilege management vulnerability that allows local users to obtain root access.

🔴
IMMEDIATE ACTION
Actively exploited in the wild (CISA KEV). Patch immediately.
CISA DEADLINE: 10 czerwca 2022
CWE
References

Related vulnerabilities

CVE-2026-24061CRITICAL9.8⚠ KEVPL ✓ten sam produkt

GNU Inetutils telnetd: ominięcie uwierzytelnienia przez zmienną USER

CVE-2025-10585CRITICAL9.8⚠ KEVPL ✓ten sam produkt

Type confusion w V8 (Google Chrome) — zdalne uszkodzenie sterty

CVE-2025-32463CRITICAL9.3⚠ KEVPL ✓ten sam produkt

Sudo: eskalacja uprawnień do root poprzez opcję --chroot (CVE-2025-32463)

CVE-2025-49113CRITICAL9.9⚠ KEVPL ✓ten sam produkt

RCE przez deserializację PHP w Roundcube Webmail (parametr _from)

CVE-2025-34028CRITICAL9.3⚠ KEVPL ✓ten sam produkt

Commvault Command Center – nieuwierzytelniony RCE przez path traversal w ZIP