Added: 05/13/2014
CVE: CVE-2013-1763
BID: 58137
OSVDB: 90604
Netlink is a feature of the Linux kernel which allows communication between kernel and user space.
An array index error in the **__sock_diag_rcv_msg** function in the Linux kernel allows local users to gain root privileges by sending a Netlink message with a large family value.
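The bug class described above, shown as an added example (a simplified user-space model, not Linux kernel source and not code from this advisory): a per-family handler table indexed by a value taken from the message, first without and then with a range check. All names, the handler, and the table size `MODEL_AF_MAX` are constructed for illustration.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>

/* Simplified model; every name here is hypothetical, not kernel source. */
#define MODEL_AF_MAX 40            /* constructed table size */

struct diag_handler {
    unsigned char family;
    int (*dump)(const void *req);
};

static int inet_dump(const void *req) { (void)req; return 0; }

static const struct diag_handler inet_handler = { 2, inet_dump };

/* One slot per address family; only family 2 is registered in this model. */
static const struct diag_handler *handlers[MODEL_AF_MAX] = {
    [2] = &inet_handler,
};

/* Unchecked pattern: the index comes straight from the message, so any
 * family >= MODEL_AF_MAX reads a "handler" from outside the table. */
const struct diag_handler *lookup_unchecked(unsigned char family)
{
    return handlers[family];
}

/* Checked pattern: validate the family before it is used as an index. */
int dispatch_checked(unsigned char family, const void *req)
{
    const struct diag_handler *h;

    if (family >= MODEL_AF_MAX)
        return -EINVAL;            /* out-of-range family rejected */
    h = handlers[family];
    if (h == NULL)
        return -ENOENT;            /* in range, but nothing registered */
    return h->dump(req);
}

int main(void)
{
    printf("family 2   -> %d\n", dispatch_checked(2, NULL));
    printf("family 7   -> %d\n", dispatch_checked(7, NULL));
    printf("family 200 -> %d\n", dispatch_checked(200, NULL));
    return 0;
}
```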
Upgrade to Linux kernel 3.7.10 or higher or install the appropriate package update from the operating system vendor.
<http://seclists.org/oss-sec/2013/q1/420>
<https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.7.10>
The exploit works on Ubuntu or Fedora and requires an existing unprivileged shell connection to the target.
Linux