CVE-2019-13272 Linux Kernel (ptrace_link) Unauthorized Access Vulnerability – Jul 2019

Preface: Artificial intelligence especially custom face recognition will be using (ptrace_link). By attaching to another process using the ptrace call, a tool has extensive control over the operation of its target.

Vulnerability detail: If a malicious unprivileged child uses PTRACE_TRACEME and the parent is privileged, and at a later point, the parent process becomes attacker-controlled (because it drops privileges and calls execve()), the attacker ends up with control over two processes with a privileged ptrace relationship,which can be abused to ptrace a suid binary and obtain root privileges.
Above vulnerability could allow a local attacker to perform unauthorized actions on a targeted system.

Remedy: has released a software update. For more information, please refer to the following URL for reference.

Remark: Perhaps exploit this vulnerability require local user access. But cyber attacker can use scam email or phishing email to conducting this attack.

One thought on “CVE-2019-13272 Linux Kernel (ptrace_link) Unauthorized Access Vulnerability – Jul 2019”

  1. I do agree with all the ideas you’ve introduced in your post.
    They’re very convincing and can certainly work.
    Nonetheless, the posts are too brief for novices. May
    just you please extend them a bit from next time? Thank you for
    the post.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.