CVE-2014-0240
Description
The mod_wsgi module before 3.5 for Apache, when daemon mode is enabled, does not properly handle error codes returned by setuid when run on certain Linux kernels, which allows local users to gain privileges via vectors related to the number of running processes.
Risk Information
Base Score
9.8
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.311
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Python WSGI adapter module for Apache (USN-2222-1) libapache2-mod-wsgi_3.3-4ubuntu0.2_i386.deb | Linux |
| Python WSGI adapter module for Apache (USN-2222-1) libapache2-mod-wsgi_3.3-4ubuntu0.2_amd64.deb | Linux |
| Python WSGI adapter module for Apache (USN-2222-1) libapache2-mod-wsgi_3.4-4ubuntu2.1.14.04.2_i386.deb | Linux |
| Python WSGI adapter module for Apache (USN-2222-1) libapache2-mod-wsgi_3.4-4ubuntu2.1.14.04.2_amd64.deb | Linux |
| Python WSGI adapter module for Apache (USN-2222-1) libapache2-mod-wsgi-py3_3.3-4ubuntu0.2_i386.deb | Linux |
| Python WSGI adapter module for Apache (USN-2222-1) libapache2-mod-wsgi-py3_3.3-4ubuntu0.2_amd64.deb | Linux |
| Python WSGI adapter module for Apache (USN-2222-1) libapache2-mod-wsgi-py3_3.4-4ubuntu2.1.14.04.2_i386.deb | Linux |
| Python WSGI adapter module for Apache (USN-2222-1) libapache2-mod-wsgi-py3_3.4-4ubuntu2.1.14.04.2_amd64.deb | Linux |
| (RHSA-2014:0788) Important: mod_wsgi security update mod_wsgi-3.2-6.el6_5.i686.rpm | Linux |
| (RHSA-2014:0788) Important: mod_wsgi security update mod_wsgi-3.2-6.el6_5.x86_64.rpm | Linux |
| (RHSA-2014:1091) Important: mod_wsgi security update mod_wsgi-3.4-12.el7_0.x86_64.rpm | Linux |
| Mod_wsgi update (ELSA-2014-1091) mod_wsgi-3.4-12.el7_0.x86_64.rpm | Linux |
| Python38 update (ELSA-2023-7050) python38-3.8.17-2.module+el8.9.0+90017+9913aa0c.x86_64.rpm | Linux |
| Python38-Cython update (ELSA-2023-7050) python38-Cython-0.29.14-4.module+el8.9.0+90017+9913aa0c.x86_64.rpm | Linux |
| Python38-PyMySQL update (ELSA-2023-7050) python38-PyMySQL-0.10.1-1.module+el8.9.0+90017+9913aa0c.noarch.rpm | Linux |
| Python38-asn1crypto update (ELSA-2023-7050) python38-asn1crypto-1.2.0-3.module+el8.9.0+90017+9913aa0c.noarch.rpm | Linux |
| Python38-babel update (ELSA-2023-7050) python38-babel-2.7.0-11.module+el8.9.0+90017+9913aa0c.noarch.rpm | Linux |
| Python38-cffi update (ELSA-2023-7050) python38-cffi-1.13.2-3.module+el8.9.0+90017+9913aa0c.x86_64.rpm | Linux |
| Python38-chardet update (ELSA-2023-7050) python38-chardet-3.0.4-19.module+el8.9.0+90017+9913aa0c.noarch.rpm | Linux |
| Python38-cryptography update (ELSA-2023-7050) python38-cryptography-2.8-3.module+el8.9.0+90017+9913aa0c.x86_64.rpm | Linux |
| Python38-debug update (ELSA-2023-7050) python38-debug-3.8.17-2.module+el8.9.0+90017+9913aa0c.x86_64.rpm | Linux |
| Python38-devel update (ELSA-2023-7050) python38-devel-3.8.17-2.module+el8.9.0+90017+9913aa0c.x86_64.rpm | Linux |
| Python38-idle update (ELSA-2023-7050) python38-idle-3.8.17-2.module+el8.9.0+90017+9913aa0c.x86_64.rpm | Linux |
| Python38-idna update (ELSA-2023-7050) python38-idna-2.8-6.module+el8.9.0+90017+9913aa0c.noarch.rpm | Linux |
| Python38-jinja2 update (ELSA-2023-7050) python38-jinja2-2.11.3-1.module+el8.9.0+90017+9913aa0c.noarch.rpm | Linux |
| Python38-libs update (ELSA-2023-7050) python38-libs-3.8.17-2.module+el8.9.0+90017+9913aa0c.x86_64.rpm | Linux |
| Python38-lxml update (ELSA-2023-7050) python38-lxml-4.4.1-7.module+el8.9.0+90017+9913aa0c.x86_64.rpm | Linux |
| Python38-markupsafe update (ELSA-2023-7050) python38-markupsafe-1.1.1-6.module+el8.9.0+90017+9913aa0c.x86_64.rpm | Linux |
| Python38-mod_wsgi update (ELSA-2023-7050) python38-mod_wsgi-4.6.8-5.module+el8.9.0+90017+9913aa0c.x86_64.rpm | Linux |
| Python38-numpy update (ELSA-2023-7050) python38-numpy-1.17.3-7.module+el8.9.0+90017+9913aa0c.x86_64.rpm | Linux |
| Python38-numpy-doc update (ELSA-2023-7050) python38-numpy-doc-1.17.3-7.module+el8.9.0+90017+9913aa0c.noarch.rpm | Linux |
| Python38-numpy-f2py update (ELSA-2023-7050) python38-numpy-f2py-1.17.3-7.module+el8.9.0+90017+9913aa0c.x86_64.rpm | Linux |
| Python38-pip update (ELSA-2023-7050) python38-pip-19.3.1-7.module+el8.9.0+90017+9913aa0c.noarch.rpm | Linux |
| Python38-pip-wheel update (ELSA-2023-7050) python38-pip-wheel-19.3.1-7.module+el8.9.0+90017+9913aa0c.noarch.rpm | Linux |
| Python38-ply update (ELSA-2023-7050) python38-ply-3.11-10.module+el8.9.0+90017+9913aa0c.noarch.rpm | Linux |
| Python38-psutil update (ELSA-2023-7050) python38-psutil-5.6.4-4.module+el8.9.0+90017+9913aa0c.x86_64.rpm | Linux |
| Python38-psycopg2 update (ELSA-2023-7050) python38-psycopg2-2.8.4-4.module+el8.9.0+90017+9913aa0c.x86_64.rpm | Linux |
| Python38-psycopg2-doc update (ELSA-2023-7050) python38-psycopg2-doc-2.8.4-4.module+el8.9.0+90017+9913aa0c.x86_64.rpm | Linux |
| Python38-psycopg2-tests update (ELSA-2023-7050) python38-psycopg2-tests-2.8.4-4.module+el8.9.0+90017+9913aa0c.x86_64.rpm | Linux |
| Python38-pycparser update (ELSA-2023-7050) python38-pycparser-2.19-3.module+el8.9.0+90017+9913aa0c.noarch.rpm | Linux |
| Python38-pysocks update (ELSA-2023-7050) python38-pysocks-1.7.1-4.module+el8.9.0+90017+9913aa0c.noarch.rpm | Linux |
| Python38-pytz update (ELSA-2023-7050) python38-pytz-2019.3-4.module+el8.9.0+90017+9913aa0c.noarch.rpm | Linux |
| Python38-pyyaml update (ELSA-2023-7050) python38-pyyaml-5.4.1-1.module+el8.9.0+90017+9913aa0c.x86_64.rpm | Linux |
| Python38-requests update (ELSA-2023-7050) python38-requests-2.22.0-10.module+el8.9.0+90017+9913aa0c.noarch.rpm | Linux |
| Python38-rpm-macros update (ELSA-2023-7050) python38-rpm-macros-3.8.17-2.module+el8.9.0+90017+9913aa0c.noarch.rpm | Linux |
| Python38-scipy update (ELSA-2023-7050) python38-scipy-1.3.1-5.module+el8.9.0+90017+9913aa0c.x86_64.rpm | Linux |
| Python38-setuptools update (ELSA-2023-7050) python38-setuptools-41.6.0-5.module+el8.9.0+90017+9913aa0c.noarch.rpm | Linux |
| Python38-setuptools-wheel update (ELSA-2023-7050) python38-setuptools-wheel-41.6.0-5.module+el8.9.0+90017+9913aa0c.noarch.rpm | Linux |
| Python38-six update (ELSA-2023-7050) python38-six-1.12.0-10.module+el8.9.0+90017+9913aa0c.noarch.rpm | Linux |
| Python38-test update (ELSA-2023-7050) python38-test-3.8.17-2.module+el8.9.0+90017+9913aa0c.x86_64.rpm | Linux |
| Python38-tkinter update (ELSA-2023-7050) python38-tkinter-3.8.17-2.module+el8.9.0+90017+9913aa0c.x86_64.rpm | Linux |
| Python38-urllib3 update (ELSA-2023-7050) python38-urllib3-1.25.7-5.module+el8.9.0+90017+9913aa0c.noarch.rpm | Linux |
| Python38-wheel update (ELSA-2023-7050) python38-wheel-0.33.6-6.module+el8.9.0+90017+9913aa0c.noarch.rpm | Linux |
| Python38-wheel-wheel update (ELSA-2023-7050) python38-wheel-wheel-0.33.6-6.module+el8.9.0+90017+9913aa0c.noarch.rpm | Linux |
| (RHSA-2014:1091)Important: security update mod_wsgi-debuginfo-3.4-12.el7_0.x86_64.rpm | Linux |
| Python39 update (ELSA-2024-2985) python39-3.9.18-3.module+el8.10.0+90269+2fa22b99.x86_64.rpm | Linux |
| Python39-PyMySQL update (ELSA-2024-2985) python39-PyMySQL-0.10.1-2.module+el8.9.0+90016+9c2d6573.noarch.rpm | Linux |
| Python39-cffi update (ELSA-2024-2985) python39-cffi-1.14.3-2.module+el8.9.0+90016+9c2d6573.x86_64.rpm | Linux |
| Python39-chardet update (ELSA-2024-2985) python39-chardet-3.0.4-19.module+el8.9.0+90016+9c2d6573.noarch.rpm | Linux |
| Python39-cryptography update (ELSA-2024-2985) python39-cryptography-3.3.1-3.0.1.module+el8.10.0+90269+2fa22b99.x86_64.rpm | Linux |
| Python39-devel update (ELSA-2024-2985) python39-devel-3.9.18-3.module+el8.10.0+90269+2fa22b99.x86_64.rpm | Linux |
| Python39-idle update (ELSA-2024-2985) python39-idle-3.9.18-3.module+el8.10.0+90269+2fa22b99.x86_64.rpm | Linux |
| Python39-idna update (ELSA-2024-2985) python39-idna-2.10-3.module+el8.9.0+90016+9c2d6573.noarch.rpm | Linux |
| Python39-libs update (ELSA-2024-2985) python39-libs-3.9.18-3.module+el8.10.0+90269+2fa22b99.x86_64.rpm | Linux |
| Python39-lxml update (ELSA-2024-2985) python39-lxml-4.6.5-1.module+el8.9.0+90016+9c2d6573.x86_64.rpm | Linux |
| Python39-mod_wsgi update (ELSA-2024-2985) python39-mod_wsgi-4.7.1-7.module+el8.9.0+90016+9c2d6573.x86_64.rpm | Linux |
| Python39-numpy update (ELSA-2024-2985) python39-numpy-1.19.4-3.module+el8.9.0+90016+9c2d6573.x86_64.rpm | Linux |
| Python39-numpy-doc update (ELSA-2024-2985) python39-numpy-doc-1.19.4-3.module+el8.9.0+90016+9c2d6573.noarch.rpm | Linux |
| Python39-numpy-f2py update (ELSA-2024-2985) python39-numpy-f2py-1.19.4-3.module+el8.9.0+90016+9c2d6573.x86_64.rpm | Linux |
| Python39-pip update (ELSA-2024-2985) python39-pip-20.2.4-9.module+el8.10.0+90269+2fa22b99.noarch.rpm | Linux |
| Python39-pip-wheel update (ELSA-2024-2985) python39-pip-wheel-20.2.4-9.module+el8.10.0+90269+2fa22b99.noarch.rpm | Linux |
| Python39-ply update (ELSA-2024-2985) python39-ply-3.11-10.module+el8.9.0+90016+9c2d6573.noarch.rpm | Linux |
| Python39-psutil update (ELSA-2024-2985) python39-psutil-5.8.0-4.module+el8.9.0+90016+9c2d6573.x86_64.rpm | Linux |
| Python39-psycopg2 update (ELSA-2024-2985) python39-psycopg2-2.8.6-3.module+el8.10.0+90269+2fa22b99.x86_64.rpm | Linux |
| Python39-psycopg2-doc update (ELSA-2024-2985) python39-psycopg2-doc-2.8.6-3.module+el8.10.0+90269+2fa22b99.x86_64.rpm | Linux |
| Python39-psycopg2-tests update (ELSA-2024-2985) python39-psycopg2-tests-2.8.6-3.module+el8.10.0+90269+2fa22b99.x86_64.rpm | Linux |
| Python39-pycparser update (ELSA-2024-2985) python39-pycparser-2.20-3.module+el8.9.0+90016+9c2d6573.noarch.rpm | Linux |
| Python39-pysocks update (ELSA-2024-2985) python39-pysocks-1.7.1-4.module+el8.9.0+90016+9c2d6573.noarch.rpm | Linux |
| Python39-pyyaml update (ELSA-2024-2985) python39-pyyaml-5.4.1-1.module+el8.9.0+90016+9c2d6573.x86_64.rpm | Linux |
| Python39-requests update (ELSA-2024-2985) python39-requests-2.25.0-3.module+el8.9.0+90016+9c2d6573.noarch.rpm | Linux |
| Python39-rpm-macros update (ELSA-2024-2985) python39-rpm-macros-3.9.18-3.module+el8.10.0+90269+2fa22b99.noarch.rpm | Linux |
| Python39-scipy update (ELSA-2024-2985) python39-scipy-1.5.4-5.module+el8.9.0+90016+9c2d6573.x86_64.rpm | Linux |
| Python39-setuptools update (ELSA-2024-2985) python39-setuptools-50.3.2-5.module+el8.10.0+90269+2fa22b99.noarch.rpm | Linux |
| Python39-setuptools-wheel update (ELSA-2024-2985) python39-setuptools-wheel-50.3.2-5.module+el8.10.0+90269+2fa22b99.noarch.rpm | Linux |
| Python39-six update (ELSA-2024-2985) python39-six-1.15.0-3.module+el8.9.0+90016+9c2d6573.noarch.rpm | Linux |
| Python39-test update (ELSA-2024-2985) python39-test-3.9.18-3.module+el8.10.0+90269+2fa22b99.x86_64.rpm | Linux |
| Python39-tkinter update (ELSA-2024-2985) python39-tkinter-3.9.18-3.module+el8.10.0+90269+2fa22b99.x86_64.rpm | Linux |
| Python39-toml update (ELSA-2024-2985) python39-toml-0.10.1-5.module+el8.9.0+90016+9c2d6573.noarch.rpm | Linux |
| Python39-urllib3 update (ELSA-2024-2985) python39-urllib3-1.25.10-5.module+el8.10.0+90269+2fa22b99.noarch.rpm | Linux |
| Python39-wheel update (ELSA-2024-2985) python39-wheel-0.35.1-4.module+el8.9.0+90016+9c2d6573.noarch.rpm | Linux |
| Python39-wheel-wheel update (ELSA-2024-2985) python39-wheel-wheel-0.35.1-4.module+el8.9.0+90016+9c2d6573.noarch.rpm | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234