| Description: | The scm_set_cred function in include/net/scm.h in the Linux kernel before 3.8.11 uses incorrect uid and gid values during credentials passing, which allows local users to gain privileges via a crafted application. Andy Lutomirski discover an error in the Linux kernel's credential handling on unix sockets. A local user could exploit this flaw to gain administrative privileges.
|