Unrated severityNVD Advisory· Published Sep 25, 2013· Updated Jun 16, 2026

CVE-2013-4300

Description

The scm_check_creds function in net/core/scm.c in the Linux kernel before 3.11 performs a capability check in an incorrect namespace, which allows local users to gain privileges via PID spoofing.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Linux/Kernel5 versions
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*range: >=3.8.6,<3.9
- cpe:2.3:o:linux:linux_kernel:3.9:rc1:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:3.9:rc2:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:3.9:rc3:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:3.9:rc4:*:*:*:*:*:*
Linux/Linux kernelllm-fuzzy
Range: <3.11

Patches

Vulnerability mechanics

References

www.kernel.org/pub/linux/kernel/v3.x/patch-3.11.bz2nvdPatch
www.openwall.com/lists/oss-security/2013/09/05/3nvdExploitMailing ListPatch
bugzilla.redhat.com/show_bug.cginvdExploitIssue TrackingPatch
github.com/torvalds/linux/commit/d661684cf6820331feae71146c35da83d794467envdExploitPatch
www.ubuntu.com/usn/USN-1995-1nvdThird Party AdvisoryVDB Entry
www.ubuntu.com/usn/USN-1998-1nvdThird Party AdvisoryVDB Entry
git.kernel.orgnvdBroken Link

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	-0.070
ransomware	0.000