CVE-2013-2207

pt_chown in GNU C Library (aka glibc or libc6) before 2.18 does not properly check permissions for tty files, which allows local users to change the permission on the files and obtain access to arbitrary pseudo-terminals by leveraging a FUSE file system.

Published: Oct 9, 2013
Updated: Nov 9, 2025
CVE: CVE-2013-2207
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 2.6
AV:L/AC:H/Au:N/C:P/I:P/A:N

CWEs:

CWE-264

Affected Software
References

Software	From	Fixed in
gnu / glibc	2.1.2	2.1.2.x
gnu / glibc	2.11	2.11.x
gnu / glibc	2.0.5	2.0.5.x
gnu / glibc	2.0.6	2.0.6.x
gnu / glibc	2.10.1	2.10.1.x
gnu / glibc	2.1.1	2.1.1.x
gnu / glibc	2.14	2.14.x
gnu / glibc	2.0.3	2.0.3.x
gnu / glibc	2.0	2.0.x
gnu / glibc	2.13	2.13.x
gnu / glibc	2.1.1.6	2.1.1.6.x
gnu / glibc	2.1	2.1.x
gnu / glibc	2.1.9	2.1.9.x
gnu / glibc	2.12.1	2.12.1.x
gnu / glibc	2.0.1	2.0.1.x
gnu / glibc	2.14.1	2.14.1.x
gnu / glibc	2.11.2	2.11.2.x
gnu / glibc	2.0.4	2.0.4.x
gnu / glibc	2.0.2	2.0.2.x
gnu / glibc	2.16	2.16.x
gnu / glibc	-	2.17.x
gnu / glibc	2.11.3	2.11.3.x
gnu / glibc	2.11.1	2.11.1.x
gnu / glibc	2.1.3	2.1.3.x
gnu / glibc	2.15	2.15.x
gnu / glibc	2.12.2	2.12.2.x
fedoraproject / fedora	18	18.x
fedoraproject / fedora	19	19.x

Vulnerability Database

CVE-2013-2207

Deep Security Visibility Without the Complexity