{ "schema_version": "1.4.0", "id": "GHSA-cw67-f6h6-2gmf", "modified": "2022-05-17T05:03:40Z", "published": "2022-05-17T05:03:40Z", "aliases": [ "CVE-2013-1060" ], "details": "A certain Ubuntu build procedure for perf, as distributed in the Linux kernel packages in Ubuntu 10.04 LTS, 12.04 LTS, 12.10, 13.04, and 13.10, sets the HOME environment variable to the ~buildd directory and consequently reads the system configuration file from the ~buildd directory, which allows local users to gain privileges by leveraging control over the buildd account.", "severity": [], "affected": [], "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1060" }, { "type": "WEB", "url": "https://launchpad.net/bugs/1206200" }, { "type": "WEB", "url": "https://lists.ubuntu.com/archives/kernel-team/2013-July/031248.html" }, { "type": "WEB", "url": "https://lists.ubuntu.com/archives/kernel-team/2013-July/031249.html" }, { "type": "WEB", "url": "http://people.canonical.com/~ubuntu-security/cve/2013/CVE-2013-1060.html" }, { "type": "WEB", "url": "http://www.ubuntu.com/usn/USN-1938-1" }, { "type": "WEB", "url": "http://www.ubuntu.com/usn/USN-1939-1" }, { "type": "WEB", "url": "http://www.ubuntu.com/usn/USN-1941-1" }, { "type": "WEB", "url": "http://www.ubuntu.com/usn/USN-1942-1" }, { "type": "WEB", "url": "http://www.ubuntu.com/usn/USN-1943-1" }, { "type": "WEB", "url": "http://www.ubuntu.com/usn/USN-1944-1" }, { "type": "WEB", "url": "http://www.ubuntu.com/usn/USN-1945-1" }, { "type": "WEB", "url": "http://www.ubuntu.com/usn/USN-1946-1" }, { "type": "WEB", "url": "http://www.ubuntu.com/usn/USN-1947-1" } ], "database_specific": { "cwe_ids": [], "severity": "MODERATE", "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2013-09-25T10:31:00Z" } }