Unrated severityNVD Advisory· Published Apr 24, 2013· Updated Jun 16, 2026

CVE-2013-1958

Description

The scm_check_creds function in net/core/scm.c in the Linux kernel before 3.8.6 does not properly enforce capability requirements for controlling the PID value associated with a UNIX domain socket, which allows local users to bypass intended access restrictions by leveraging the time interval during which a user namespace has been created but a PID namespace has not been created.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Linux/Kernel6 versions
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*range: <=3.8.5
- cpe:2.3:o:linux:linux_kernel:3.8.0:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:3.8.1:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:3.8.2:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:3.8.3:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:3.8.4:*:*:*:*:*:*:*
Linux/Linux kernelllm-fuzzy
Range: <3.8.6

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	-0.070
ransomware	0.000

CVE-2013-1958

Description

AI Insight

Affected products

Patches

Vulnerability mechanics

References

News mentions