Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTA-2014-AVI-002
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été corrigées dans le noyau Linux d'Ubuntu. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service, une atteinte à l'intégrité des données et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Ubuntu 12.10",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 13.04",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 12.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 13.10",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 10.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2013-4470",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4470"
},
{
"name": "CVE-2013-2929",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2929"
},
{
"name": "CVE-2013-4514",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4514"
},
{
"name": "CVE-2013-4299",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4299"
},
{
"name": "CVE-2013-6383",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-6383"
},
{
"name": "CVE-2013-4515",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4515"
},
{
"name": "CVE-2013-6380",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-6380"
},
{
"name": "CVE-2013-6378",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-6378"
},
{
"name": "CVE-2013-4511",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4511"
},
{
"name": "CVE-2013-4345",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4345"
},
{
"name": "CVE-2013-2930",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2930"
},
{
"name": "CVE-2013-4588",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4588"
},
{
"name": "CVE-2013-7026",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-7026"
},
{
"name": "CVE-2013-4516",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4516"
},
{
"name": "CVE-2013-7027",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-7027"
},
{
"name": "CVE-2013-4348",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4348"
},
{
"name": "CVE-2013-6763",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-6763"
},
{
"name": "CVE-2013-4513",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4513"
},
{
"name": "CVE-2013-4592",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4592"
}
],
"links": [],
"reference": "CERTA-2014-AVI-002",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2014-01-03T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans le noyau Linux\nd\u0027\u003cspan class=\"textit\"\u003eUbuntu\u003c/span\u003e. Certaines d\u0027entre elles permettent\n\u00e0 un attaquant de provoquer un d\u00e9ni de service, une atteinte \u00e0\nl\u0027int\u00e9grit\u00e9 des donn\u00e9es et une atteinte \u00e0 la confidentialit\u00e9 des\ndonn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-2071-1 du 03 janvier 2014",
"url": "http://www.ubuntu.com/usn/usn-2071-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-2075-1 du 03 janvier 2014",
"url": "http://www.ubuntu.com/usn/usn-2075-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-2064-1 du 03 janvier 2014",
"url": "http://www.ubuntu.com/usn/usn-2064-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-2073-1 du 03 janvier 2014",
"url": "http://www.ubuntu.com/usn/usn-2073-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-2066-1 du 03 janvier 2014",
"url": "http://www.ubuntu.com/usn/usn-2066-1/"
}
]
}
CVE-2013-2929 (GCVE-0-2013-2929)
Vulnerability from cvelistv5 – Published: 2013-12-09 18:00 – Updated: 2024-08-06 15:52
VLAI
EPSS
Summary
The Linux kernel before 3.12.2 does not properly use the get_dumpable function, which allows local users to bypass intended ptrace restrictions or obtain sensitive information from IA64 scratch registers via a crafted application, related to kernel/ptrace.c and arch/ia64/include/asm/processor.h.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
23 references
Date Public
2013-11-07 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:52:21.663Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2014:0159",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0159.html"
},
{
"name": "64111",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/64111"
},
{
"name": "RHSA-2014:0285",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0285.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.54"
},
{
"name": "USN-2110-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2110-1"
},
{
"name": "USN-2129-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2129-1"
},
{
"name": "USN-2115-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2115-1"
},
{
"name": "USN-2128-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2128-1"
},
{
"name": "USN-2116-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2116-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d049f74f2dbe71354d43d393ac3a188947811348"
},
{
"name": "USN-2114-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2114-1"
},
{
"name": "USN-2070-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2070-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1028148"
},
{
"name": "USN-2112-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2112-1"
},
{
"name": "SUSE-SU-2015:0481",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html"
},
{
"name": "openSUSE-SU-2015:0566",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html"
},
{
"name": "USN-2109-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2109-1"
},
{
"name": "RHSA-2018:1252",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1252"
},
{
"name": "USN-2111-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2111-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.2"
},
{
"name": "RHSA-2014:0100",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0100.html"
},
{
"name": "USN-2075-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2075-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/torvalds/linux/commit/d049f74f2dbe71354d43d393ac3a188947811348"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-11-07T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The Linux kernel before 3.12.2 does not properly use the get_dumpable function, which allows local users to bypass intended ptrace restrictions or obtain sensitive information from IA64 scratch registers via a crafted application, related to kernel/ptrace.c and arch/ia64/include/asm/processor.h."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-04-27T09:57:01.000Z",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"name": "RHSA-2014:0159",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0159.html"
},
{
"name": "64111",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/64111"
},
{
"name": "RHSA-2014:0285",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0285.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.54"
},
{
"name": "USN-2110-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2110-1"
},
{
"name": "USN-2129-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2129-1"
},
{
"name": "USN-2115-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2115-1"
},
{
"name": "USN-2128-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2128-1"
},
{
"name": "USN-2116-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2116-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d049f74f2dbe71354d43d393ac3a188947811348"
},
{
"name": "USN-2114-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2114-1"
},
{
"name": "USN-2070-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2070-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1028148"
},
{
"name": "USN-2112-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2112-1"
},
{
"name": "SUSE-SU-2015:0481",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html"
},
{
"name": "openSUSE-SU-2015:0566",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html"
},
{
"name": "USN-2109-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2109-1"
},
{
"name": "RHSA-2018:1252",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1252"
},
{
"name": "USN-2111-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2111-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.2"
},
{
"name": "RHSA-2014:0100",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0100.html"
},
{
"name": "USN-2075-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2075-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/torvalds/linux/commit/d049f74f2dbe71354d43d393ac3a188947811348"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2013-2929",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Linux kernel before 3.12.2 does not properly use the get_dumpable function, which allows local users to bypass intended ptrace restrictions or obtain sensitive information from IA64 scratch registers via a crafted application, related to kernel/ptrace.c and arch/ia64/include/asm/processor.h."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2014:0159",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0159.html"
},
{
"name": "64111",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/64111"
},
{
"name": "RHSA-2014:0285",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0285.html"
},
{
"name": "https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.54",
"refsource": "CONFIRM",
"url": "https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.54"
},
{
"name": "USN-2110-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2110-1"
},
{
"name": "USN-2129-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2129-1"
},
{
"name": "USN-2115-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2115-1"
},
{
"name": "USN-2128-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2128-1"
},
{
"name": "USN-2116-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2116-1"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=d049f74f2dbe71354d43d393ac3a188947811348",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=d049f74f2dbe71354d43d393ac3a188947811348"
},
{
"name": "USN-2114-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2114-1"
},
{
"name": "USN-2070-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2070-1"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1028148",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1028148"
},
{
"name": "USN-2112-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2112-1"
},
{
"name": "SUSE-SU-2015:0481",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html"
},
{
"name": "openSUSE-SU-2015:0566",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html"
},
{
"name": "USN-2109-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2109-1"
},
{
"name": "RHSA-2018:1252",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1252"
},
{
"name": "USN-2111-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2111-1"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.2",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.2"
},
{
"name": "RHSA-2014:0100",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0100.html"
},
{
"name": "USN-2075-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2075-1"
},
{
"name": "https://github.com/torvalds/linux/commit/d049f74f2dbe71354d43d393ac3a188947811348",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/d049f74f2dbe71354d43d393ac3a188947811348"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2013-2929",
"datePublished": "2013-12-09T18:00:00.000Z",
"dateReserved": "2013-04-11T00:00:00.000Z",
"dateUpdated": "2024-08-06T15:52:21.663Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-2930 (GCVE-0-2013-2930)
Vulnerability from cvelistv5 – Published: 2013-12-09 18:00 – Updated: 2024-08-06 15:52
VLAI
EPSS
Summary
The perf_trace_event_perm function in kernel/trace/trace_event_perf.c in the Linux kernel before 3.12.2 does not properly restrict access to the perf subsystem, which allows local users to enable function tracing via a crafted application.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
12 references
| URL | Tags |
|---|---|
| http://git.kernel.org/?p=linux/kernel/git/torvald… | x_refsource_CONFIRM |
| http://www.ubuntu.com/usn/USN-2076-1 | vendor-advisoryx_refsource_UBUNTU |
| http://www.ubuntu.com/usn/USN-2070-1 | vendor-advisoryx_refsource_UBUNTU |
| http://www.ubuntu.com/usn/USN-2112-1 | vendor-advisoryx_refsource_UBUNTU |
| http://www.ubuntu.com/usn/USN-2071-1 | vendor-advisoryx_refsource_UBUNTU |
| http://www.ubuntu.com/usn/USN-2074-1 | vendor-advisoryx_refsource_UBUNTU |
| http://www.ubuntu.com/usn/USN-2068-1 | vendor-advisoryx_refsource_UBUNTU |
| http://www.kernel.org/pub/linux/kernel/v3.x/Chang… | x_refsource_CONFIRM |
| https://github.com/torvalds/linux/commit/12ae030d… | x_refsource_CONFIRM |
| http://www.ubuntu.com/usn/USN-2072-1 | vendor-advisoryx_refsource_UBUNTU |
| http://rhn.redhat.com/errata/RHSA-2014-0100.html | vendor-advisoryx_refsource_REDHAT |
| http://www.ubuntu.com/usn/USN-2075-1 | vendor-advisoryx_refsource_UBUNTU |
Date Public
2013-11-29 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:52:21.284Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=12ae030d54ef250706da5642fc7697cc60ad0df7"
},
{
"name": "USN-2076-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2076-1"
},
{
"name": "USN-2070-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2070-1"
},
{
"name": "USN-2112-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2112-1"
},
{
"name": "USN-2071-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2071-1"
},
{
"name": "USN-2074-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2074-1"
},
{
"name": "USN-2068-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2068-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/torvalds/linux/commit/12ae030d54ef250706da5642fc7697cc60ad0df7"
},
{
"name": "USN-2072-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2072-1"
},
{
"name": "RHSA-2014:0100",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0100.html"
},
{
"name": "USN-2075-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2075-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-11-29T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The perf_trace_event_perm function in kernel/trace/trace_event_perf.c in the Linux kernel before 3.12.2 does not properly restrict access to the perf subsystem, which allows local users to enable function tracing via a crafted application."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-03-04T15:57:01.000Z",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=12ae030d54ef250706da5642fc7697cc60ad0df7"
},
{
"name": "USN-2076-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2076-1"
},
{
"name": "USN-2070-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2070-1"
},
{
"name": "USN-2112-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2112-1"
},
{
"name": "USN-2071-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2071-1"
},
{
"name": "USN-2074-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2074-1"
},
{
"name": "USN-2068-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2068-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/torvalds/linux/commit/12ae030d54ef250706da5642fc7697cc60ad0df7"
},
{
"name": "USN-2072-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2072-1"
},
{
"name": "RHSA-2014:0100",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0100.html"
},
{
"name": "USN-2075-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2075-1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2013-2930",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The perf_trace_event_perm function in kernel/trace/trace_event_perf.c in the Linux kernel before 3.12.2 does not properly restrict access to the perf subsystem, which allows local users to enable function tracing via a crafted application."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=12ae030d54ef250706da5642fc7697cc60ad0df7",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=12ae030d54ef250706da5642fc7697cc60ad0df7"
},
{
"name": "USN-2076-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2076-1"
},
{
"name": "USN-2070-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2070-1"
},
{
"name": "USN-2112-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2112-1"
},
{
"name": "USN-2071-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2071-1"
},
{
"name": "USN-2074-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2074-1"
},
{
"name": "USN-2068-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2068-1"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.2",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.2"
},
{
"name": "https://github.com/torvalds/linux/commit/12ae030d54ef250706da5642fc7697cc60ad0df7",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/12ae030d54ef250706da5642fc7697cc60ad0df7"
},
{
"name": "USN-2072-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2072-1"
},
{
"name": "RHSA-2014:0100",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0100.html"
},
{
"name": "USN-2075-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2075-1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2013-2930",
"datePublished": "2013-12-09T18:00:00.000Z",
"dateReserved": "2013-04-11T00:00:00.000Z",
"dateUpdated": "2024-08-06T15:52:21.284Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4299 (GCVE-0-2013-4299)
Vulnerability from cvelistv5 – Published: 2013-10-24 10:00 – Updated: 2024-08-06 16:38
VLAI
EPSS
Summary
Interpretation conflict in drivers/md/dm-snap-persistent.c in the Linux kernel through 3.11.6 allows remote authenticated users to obtain sensitive information or modify data via a crafted mapping to a snapshot block device.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
27 references
Date Public
2013-10-16 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:38:01.920Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2013:1436",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1436.html"
},
{
"name": "USN-2015-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2015-1"
},
{
"name": "RHSA-2013:1783",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1783.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/torvalds/linux/commit/e9c6a182649f4259db704ae15a91ac820e63b0ca"
},
{
"name": "USN-2043-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2043-1"
},
{
"name": "RHSA-2013:1490",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1490.html"
},
{
"name": "SUSE-SU-2015:0652",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00000.html"
},
{
"name": "RHSA-2013:1519",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1519.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e9c6a182649f4259db704ae15a91ac820e63b0ca"
},
{
"name": "USN-2040-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2040-1"
},
{
"name": "USN-2016-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2016-1"
},
{
"name": "RHSA-2013:1520",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1520.html"
},
{
"name": "USN-2044-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2044-1"
},
{
"name": "USN-2066-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2066-1"
},
{
"name": "RHSA-2013:1449",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1449.html"
},
{
"name": "RHSA-2013:1860",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1860.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1004233"
},
{
"name": "USN-2049-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2049-1"
},
{
"name": "USN-2045-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2045-1"
},
{
"name": "RHSA-2013:1460",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1460.html"
},
{
"name": "RHSA-2013:1450",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1450.html"
},
{
"name": "USN-2050-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2050-1"
},
{
"name": "USN-2042-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2042-1"
},
{
"name": "USN-2041-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2041-1"
},
{
"name": "USN-2067-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2067-1"
},
{
"name": "USN-2046-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2046-1"
},
{
"name": "SUSE-SU-2015:0812",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-10-16T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Interpretation conflict in drivers/md/dm-snap-persistent.c in the Linux kernel through 3.11.6 allows remote authenticated users to obtain sensitive information or modify data via a crafted mapping to a snapshot block device."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-08T21:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2013:1436",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1436.html"
},
{
"name": "USN-2015-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2015-1"
},
{
"name": "RHSA-2013:1783",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1783.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/torvalds/linux/commit/e9c6a182649f4259db704ae15a91ac820e63b0ca"
},
{
"name": "USN-2043-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2043-1"
},
{
"name": "RHSA-2013:1490",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1490.html"
},
{
"name": "SUSE-SU-2015:0652",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00000.html"
},
{
"name": "RHSA-2013:1519",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1519.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e9c6a182649f4259db704ae15a91ac820e63b0ca"
},
{
"name": "USN-2040-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2040-1"
},
{
"name": "USN-2016-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2016-1"
},
{
"name": "RHSA-2013:1520",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1520.html"
},
{
"name": "USN-2044-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2044-1"
},
{
"name": "USN-2066-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2066-1"
},
{
"name": "RHSA-2013:1449",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1449.html"
},
{
"name": "RHSA-2013:1860",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1860.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1004233"
},
{
"name": "USN-2049-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2049-1"
},
{
"name": "USN-2045-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2045-1"
},
{
"name": "RHSA-2013:1460",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1460.html"
},
{
"name": "RHSA-2013:1450",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1450.html"
},
{
"name": "USN-2050-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2050-1"
},
{
"name": "USN-2042-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2042-1"
},
{
"name": "USN-2041-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2041-1"
},
{
"name": "USN-2067-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2067-1"
},
{
"name": "USN-2046-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2046-1"
},
{
"name": "SUSE-SU-2015:0812",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-4299",
"datePublished": "2013-10-24T10:00:00.000Z",
"dateReserved": "2013-06-12T00:00:00.000Z",
"dateUpdated": "2024-08-06T16:38:01.920Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4345 (GCVE-0-2013-4345)
Vulnerability from cvelistv5 – Published: 2013-10-10 10:00 – Updated: 2024-08-06 16:38
VLAI
EPSS
Summary
Off-by-one error in the get_prng_bytes function in crypto/ansi_cprng.c in the Linux kernel through 3.11.4 makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms via multiple requests for small amounts of data, leading to improper management of the state of the consumed data.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
18 references
Date Public
2013-09-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:38:01.956Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-2065-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2065-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1007690"
},
{
"name": "USN-2110-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2110-1"
},
{
"name": "RHSA-2013:1490",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1490.html"
},
{
"name": "RHSA-2013:1645",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1645.html"
},
{
"name": "USN-2076-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2076-1"
},
{
"name": "USN-2158-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2158-1"
},
{
"name": "USN-2070-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2070-1"
},
{
"name": "USN-2071-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2071-1"
},
{
"name": "USN-2109-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2109-1"
},
{
"name": "RHSA-2013:1449",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1449.html"
},
{
"name": "62740",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/62740"
},
{
"name": "USN-2074-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2074-1"
},
{
"name": "USN-2068-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2068-1"
},
{
"name": "[linux-crypto] 20130917 [PATCH] ansi_cprng: Fix off by one error in non-block size request",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=linux-crypto-vger\u0026m=137942122902845\u0026w=2"
},
{
"name": "USN-2072-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2072-1"
},
{
"name": "USN-2075-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2075-1"
},
{
"name": "USN-2064-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2064-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-09-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Off-by-one error in the get_prng_bytes function in crypto/ansi_cprng.c in the Linux kernel through 3.11.4 makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms via multiple requests for small amounts of data, leading to improper management of the state of the consumed data."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-05-19T17:57:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "USN-2065-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2065-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1007690"
},
{
"name": "USN-2110-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2110-1"
},
{
"name": "RHSA-2013:1490",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1490.html"
},
{
"name": "RHSA-2013:1645",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1645.html"
},
{
"name": "USN-2076-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2076-1"
},
{
"name": "USN-2158-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2158-1"
},
{
"name": "USN-2070-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2070-1"
},
{
"name": "USN-2071-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2071-1"
},
{
"name": "USN-2109-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2109-1"
},
{
"name": "RHSA-2013:1449",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1449.html"
},
{
"name": "62740",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/62740"
},
{
"name": "USN-2074-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2074-1"
},
{
"name": "USN-2068-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2068-1"
},
{
"name": "[linux-crypto] 20130917 [PATCH] ansi_cprng: Fix off by one error in non-block size request",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=linux-crypto-vger\u0026m=137942122902845\u0026w=2"
},
{
"name": "USN-2072-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2072-1"
},
{
"name": "USN-2075-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2075-1"
},
{
"name": "USN-2064-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2064-1"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-4345",
"datePublished": "2013-10-10T10:00:00.000Z",
"dateReserved": "2013-06-12T00:00:00.000Z",
"dateUpdated": "2024-08-06T16:38:01.956Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4348 (GCVE-0-2013-4348)
Vulnerability from cvelistv5 – Published: 2013-11-04 11:00 – Updated: 2024-08-06 16:38
VLAI
EPSS
Summary
The skb_flow_dissect function in net/core/flow_dissector.c in the Linux kernel through 3.12 allows remote attackers to cause a denial of service (infinite loop) via a small value in the IHL field of a packet with IPIP encapsulation.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://rhn.redhat.com/errata/RHSA-2013-1490.html | vendor-advisoryx_refsource_REDHAT |
| https://bugzilla.redhat.com/show_bug.cgi?id=1007939 | x_refsource_CONFIRM |
| http://www.ubuntu.com/usn/USN-2070-1 | vendor-advisoryx_refsource_UBUNTU |
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| http://www.ubuntu.com/usn/USN-2075-1 | vendor-advisoryx_refsource_UBUNTU |
| https://git.kernel.org/cgit/linux/kernel/git/dave… | x_refsource_CONFIRM |
Date Public
2013-10-31 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:38:01.919Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2013:1490",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1490.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1007939"
},
{
"name": "USN-2070-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2070-1"
},
{
"name": "openSUSE-SU-2014:0204",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00002.html"
},
{
"name": "USN-2075-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2075-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=6f092343855a71e03b8d209815d8c45bf3a27fcd"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-10-31T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The skb_flow_dissect function in net/core/flow_dissector.c in the Linux kernel through 3.12 allows remote attackers to cause a denial of service (infinite loop) via a small value in the IHL field of a packet with IPIP encapsulation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-03-04T15:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2013:1490",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1490.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1007939"
},
{
"name": "USN-2070-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2070-1"
},
{
"name": "openSUSE-SU-2014:0204",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00002.html"
},
{
"name": "USN-2075-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2075-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=6f092343855a71e03b8d209815d8c45bf3a27fcd"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-4348",
"datePublished": "2013-11-04T11:00:00.000Z",
"dateReserved": "2013-06-12T00:00:00.000Z",
"dateUpdated": "2024-08-06T16:38:01.919Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4470 (GCVE-0-2013-4470)
Vulnerability from cvelistv5 – Published: 2013-11-04 11:00 – Updated: 2024-08-06 16:45
VLAI
EPSS
Summary
The Linux kernel before 3.12, when UDP Fragmentation Offload (UFO) is enabled, does not properly initialize certain data structures, which allows local users to cause a denial of service (memory corruption and system crash) or possibly gain privileges via a crafted application that uses the UDP_CORK option in a setsockopt system call and sends both short and long packets, related to the ip_ufo_append_data function in net/ipv4/ip_output.c and the ip6_ufo_append_data function in net/ipv6/ip6_output.c.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
23 references
Date Public
2013-10-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:45:14.830Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c547dbf55d5f8cf615ccc0e7265e98db27d3fb8b"
},
{
"name": "[oss-security] 20131025 Re: CVE request: Linux kernel: net: memory corruption with UDP_CORK and UFO",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/10/25/5"
},
{
"name": "USN-2043-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2043-1"
},
{
"name": "USN-2073-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2073-1"
},
{
"name": "USN-2040-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2040-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.12.bz2"
},
{
"name": "USN-2069-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2069-1"
},
{
"name": "USN-2044-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2044-1"
},
{
"name": "RHSA-2013:1801",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1801.html"
},
{
"name": "USN-2066-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2066-1"
},
{
"name": "SUSE-SU-2014:0459",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00026.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1023477"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/torvalds/linux/commit/c547dbf55d5f8cf615ccc0e7265e98db27d3fb8b"
},
{
"name": "USN-2049-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2049-1"
},
{
"name": "RHSA-2014:0284",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0284.html"
},
{
"name": "63359",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/63359"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e93b7d748be887cd7639b113ba7d7ef792a7efb9"
},
{
"name": "USN-2050-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2050-1"
},
{
"name": "USN-2042-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2042-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/torvalds/linux/commit/e93b7d748be887cd7639b113ba7d7ef792a7efb9"
},
{
"name": "RHSA-2014:0100",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0100.html"
},
{
"name": "USN-2067-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2067-1"
},
{
"name": "USN-2046-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2046-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-10-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The Linux kernel before 3.12, when UDP Fragmentation Offload (UFO) is enabled, does not properly initialize certain data structures, which allows local users to cause a denial of service (memory corruption and system crash) or possibly gain privileges via a crafted application that uses the UDP_CORK option in a setsockopt system call and sends both short and long packets, related to the ip_ufo_append_data function in net/ipv4/ip_output.c and the ip6_ufo_append_data function in net/ipv6/ip6_output.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-08T21:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c547dbf55d5f8cf615ccc0e7265e98db27d3fb8b"
},
{
"name": "[oss-security] 20131025 Re: CVE request: Linux kernel: net: memory corruption with UDP_CORK and UFO",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/10/25/5"
},
{
"name": "USN-2043-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2043-1"
},
{
"name": "USN-2073-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2073-1"
},
{
"name": "USN-2040-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2040-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.12.bz2"
},
{
"name": "USN-2069-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2069-1"
},
{
"name": "USN-2044-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2044-1"
},
{
"name": "RHSA-2013:1801",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1801.html"
},
{
"name": "USN-2066-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2066-1"
},
{
"name": "SUSE-SU-2014:0459",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00026.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1023477"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/torvalds/linux/commit/c547dbf55d5f8cf615ccc0e7265e98db27d3fb8b"
},
{
"name": "USN-2049-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2049-1"
},
{
"name": "RHSA-2014:0284",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0284.html"
},
{
"name": "63359",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/63359"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e93b7d748be887cd7639b113ba7d7ef792a7efb9"
},
{
"name": "USN-2050-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2050-1"
},
{
"name": "USN-2042-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2042-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/torvalds/linux/commit/e93b7d748be887cd7639b113ba7d7ef792a7efb9"
},
{
"name": "RHSA-2014:0100",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0100.html"
},
{
"name": "USN-2067-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2067-1"
},
{
"name": "USN-2046-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2046-1"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-4470",
"datePublished": "2013-11-04T11:00:00.000Z",
"dateReserved": "2013-06-12T00:00:00.000Z",
"dateUpdated": "2024-08-06T16:45:14.830Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4511 (GCVE-0-2013-4511)
Vulnerability from cvelistv5 – Published: 2013-11-12 01:00 – Updated: 2024-08-06 16:45
VLAI
EPSS
Summary
Multiple integer overflows in Alchemy LCD frame-buffer drivers in the Linux kernel before 3.12 allow local users to create a read-write memory mapping for the entirety of kernel memory, and consequently gain privileges, via crafted mmap operations, related to the (1) au1100fb_fb_mmap function in drivers/video/au1100fb.c and the (2) au1200fb_fb_mmap function in drivers/video/au1200fb.c.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
20 references
Date Public
2013-11-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:45:14.726Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "openSUSE-SU-2014:0247",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-02/msg00045.html"
},
{
"name": "USN-2073-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2073-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7314e613d5ff9f0934f7a0f74ed7973b903315d1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.12.bz2"
},
{
"name": "USN-2076-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2076-1"
},
{
"name": "USN-2069-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2069-1"
},
{
"name": "USN-2070-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2070-1"
},
{
"name": "USN-2036-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2036-1"
},
{
"name": "USN-2066-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2066-1"
},
{
"name": "USN-2071-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2071-1"
},
{
"name": "[oss-security] 20131104 Re: some unstracked linux kernel security fixes",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/11/04/22"
},
{
"name": "USN-2074-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2074-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/torvalds/linux/commit/7314e613d5ff9f0934f7a0f74ed7973b903315d1"
},
{
"name": "USN-2068-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2068-1"
},
{
"name": "openSUSE-SU-2014:0204",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00002.html"
},
{
"name": "USN-2037-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2037-1"
},
{
"name": "USN-2072-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2072-1"
},
{
"name": "openSUSE-SU-2014:0205",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00003.html"
},
{
"name": "USN-2075-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2075-1"
},
{
"name": "USN-2067-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2067-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-11-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple integer overflows in Alchemy LCD frame-buffer drivers in the Linux kernel before 3.12 allow local users to create a read-write memory mapping for the entirety of kernel memory, and consequently gain privileges, via crafted mmap operations, related to the (1) au1100fb_fb_mmap function in drivers/video/au1100fb.c and the (2) au1200fb_fb_mmap function in drivers/video/au1200fb.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-03-04T15:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "openSUSE-SU-2014:0247",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-02/msg00045.html"
},
{
"name": "USN-2073-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2073-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7314e613d5ff9f0934f7a0f74ed7973b903315d1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.12.bz2"
},
{
"name": "USN-2076-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2076-1"
},
{
"name": "USN-2069-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2069-1"
},
{
"name": "USN-2070-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2070-1"
},
{
"name": "USN-2036-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2036-1"
},
{
"name": "USN-2066-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2066-1"
},
{
"name": "USN-2071-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2071-1"
},
{
"name": "[oss-security] 20131104 Re: some unstracked linux kernel security fixes",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/11/04/22"
},
{
"name": "USN-2074-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2074-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/torvalds/linux/commit/7314e613d5ff9f0934f7a0f74ed7973b903315d1"
},
{
"name": "USN-2068-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2068-1"
},
{
"name": "openSUSE-SU-2014:0204",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00002.html"
},
{
"name": "USN-2037-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2037-1"
},
{
"name": "USN-2072-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2072-1"
},
{
"name": "openSUSE-SU-2014:0205",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00003.html"
},
{
"name": "USN-2075-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2075-1"
},
{
"name": "USN-2067-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2067-1"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-4511",
"datePublished": "2013-11-12T01:00:00.000Z",
"dateReserved": "2013-06-12T00:00:00.000Z",
"dateUpdated": "2024-08-06T16:45:14.726Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4513 (GCVE-0-2013-4513)
Vulnerability from cvelistv5 – Published: 2013-11-12 01:00 – Updated: 2024-08-06 16:45
VLAI
EPSS
Summary
Buffer overflow in the oz_cdev_write function in drivers/staging/ozwpan/ozcdev.c in the Linux kernel before 3.12 allows local users to cause a denial of service or possibly have unspecified other impact via a crafted write operation.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
15 references
Date Public
2013-11-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:45:15.109Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-2073-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2073-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c2c65cd2e14ada6de44cb527e7f1990bede24e15"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.12.bz2"
},
{
"name": "USN-2076-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2076-1"
},
{
"name": "USN-2069-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2069-1"
},
{
"name": "USN-2070-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2070-1"
},
{
"name": "USN-2071-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2071-1"
},
{
"name": "[oss-security] 20131104 Re: some unstracked linux kernel security fixes",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/11/04/22"
},
{
"name": "USN-2074-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2074-1"
},
{
"name": "USN-2068-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2068-1"
},
{
"name": "openSUSE-SU-2014:0204",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00002.html"
},
{
"name": "USN-2072-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2072-1"
},
{
"name": "63508",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/63508"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/torvalds/linux/commit/c2c65cd2e14ada6de44cb527e7f1990bede24e15"
},
{
"name": "USN-2075-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2075-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-11-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the oz_cdev_write function in drivers/staging/ozwpan/ozcdev.c in the Linux kernel before 3.12 allows local users to cause a denial of service or possibly have unspecified other impact via a crafted write operation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-29T18:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "USN-2073-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2073-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c2c65cd2e14ada6de44cb527e7f1990bede24e15"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.12.bz2"
},
{
"name": "USN-2076-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2076-1"
},
{
"name": "USN-2069-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2069-1"
},
{
"name": "USN-2070-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2070-1"
},
{
"name": "USN-2071-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2071-1"
},
{
"name": "[oss-security] 20131104 Re: some unstracked linux kernel security fixes",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/11/04/22"
},
{
"name": "USN-2074-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2074-1"
},
{
"name": "USN-2068-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2068-1"
},
{
"name": "openSUSE-SU-2014:0204",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00002.html"
},
{
"name": "USN-2072-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2072-1"
},
{
"name": "63508",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/63508"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/torvalds/linux/commit/c2c65cd2e14ada6de44cb527e7f1990bede24e15"
},
{
"name": "USN-2075-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2075-1"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-4513",
"datePublished": "2013-11-12T01:00:00.000Z",
"dateReserved": "2013-06-12T00:00:00.000Z",
"dateUpdated": "2024-08-06T16:45:15.109Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4514 (GCVE-0-2013-4514)
Vulnerability from cvelistv5 – Published: 2013-11-12 01:00 – Updated: 2024-08-06 16:45
VLAI
EPSS
Summary
Multiple buffer overflows in drivers/staging/wlags49_h2/wl_priv.c in the Linux kernel before 3.12 allow local users to cause a denial of service or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability and providing a long station-name string, related to the (1) wvlan_uil_put_info and (2) wvlan_set_station_nickname functions.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
18 references
Date Public
2013-11-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:45:14.847Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "openSUSE-SU-2014:0247",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-02/msg00045.html"
},
{
"name": "USN-2073-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2073-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.12.bz2"
},
{
"name": "USN-2076-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2076-1"
},
{
"name": "USN-2069-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2069-1"
},
{
"name": "USN-2070-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2070-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/torvalds/linux/commit/b5e2f339865fb443107e5b10603e53bbc92dc054"
},
{
"name": "USN-2066-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2066-1"
},
{
"name": "USN-2071-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2071-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b5e2f339865fb443107e5b10603e53bbc92dc054"
},
{
"name": "[oss-security] 20131104 Re: some unstracked linux kernel security fixes",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/11/04/22"
},
{
"name": "USN-2074-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2074-1"
},
{
"name": "USN-2068-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2068-1"
},
{
"name": "openSUSE-SU-2014:0204",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00002.html"
},
{
"name": "USN-2072-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2072-1"
},
{
"name": "USN-2075-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2075-1"
},
{
"name": "63509",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/63509"
},
{
"name": "USN-2067-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2067-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-11-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in drivers/staging/wlags49_h2/wl_priv.c in the Linux kernel before 3.12 allow local users to cause a denial of service or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability and providing a long station-name string, related to the (1) wvlan_uil_put_info and (2) wvlan_set_station_nickname functions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-29T18:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "openSUSE-SU-2014:0247",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-02/msg00045.html"
},
{
"name": "USN-2073-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2073-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.12.bz2"
},
{
"name": "USN-2076-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2076-1"
},
{
"name": "USN-2069-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2069-1"
},
{
"name": "USN-2070-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2070-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/torvalds/linux/commit/b5e2f339865fb443107e5b10603e53bbc92dc054"
},
{
"name": "USN-2066-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2066-1"
},
{
"name": "USN-2071-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2071-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b5e2f339865fb443107e5b10603e53bbc92dc054"
},
{
"name": "[oss-security] 20131104 Re: some unstracked linux kernel security fixes",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/11/04/22"
},
{
"name": "USN-2074-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2074-1"
},
{
"name": "USN-2068-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2068-1"
},
{
"name": "openSUSE-SU-2014:0204",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00002.html"
},
{
"name": "USN-2072-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2072-1"
},
{
"name": "USN-2075-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2075-1"
},
{
"name": "63509",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/63509"
},
{
"name": "USN-2067-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2067-1"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-4514",
"datePublished": "2013-11-12T01:00:00.000Z",
"dateReserved": "2013-06-12T00:00:00.000Z",
"dateUpdated": "2024-08-06T16:45:14.847Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4515 (GCVE-0-2013-4515)
Vulnerability from cvelistv5 – Published: 2013-11-12 01:00 – Updated: 2024-08-06 16:45
VLAI
EPSS
Summary
The bcm_char_ioctl function in drivers/staging/bcm/Bcmchar.c in the Linux kernel before 3.12 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory via an IOCTL_BCM_GET_DEVICE_DRIVER_INFO ioctl call.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
17 references
Date Public
2013-11-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:45:14.960Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "openSUSE-SU-2014:0247",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-02/msg00045.html"
},
{
"name": "USN-2073-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2073-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.12.bz2"
},
{
"name": "USN-2076-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2076-1"
},
{
"name": "USN-2069-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2069-1"
},
{
"name": "USN-2070-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2070-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8d1e72250c847fa96498ec029891de4dc638a5ba"
},
{
"name": "USN-2066-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2066-1"
},
{
"name": "USN-2071-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2071-1"
},
{
"name": "[oss-security] 20131104 Re: some unstracked linux kernel security fixes",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/11/04/22"
},
{
"name": "USN-2074-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2074-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/torvalds/linux/commit/8d1e72250c847fa96498ec029891de4dc638a5ba"
},
{
"name": "USN-2068-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2068-1"
},
{
"name": "openSUSE-SU-2014:0204",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00002.html"
},
{
"name": "USN-2072-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2072-1"
},
{
"name": "USN-2075-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2075-1"
},
{
"name": "USN-2067-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2067-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-11-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The bcm_char_ioctl function in drivers/staging/bcm/Bcmchar.c in the Linux kernel before 3.12 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory via an IOCTL_BCM_GET_DEVICE_DRIVER_INFO ioctl call."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-03-04T15:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "openSUSE-SU-2014:0247",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-02/msg00045.html"
},
{
"name": "USN-2073-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2073-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.12.bz2"
},
{
"name": "USN-2076-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2076-1"
},
{
"name": "USN-2069-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2069-1"
},
{
"name": "USN-2070-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2070-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8d1e72250c847fa96498ec029891de4dc638a5ba"
},
{
"name": "USN-2066-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2066-1"
},
{
"name": "USN-2071-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2071-1"
},
{
"name": "[oss-security] 20131104 Re: some unstracked linux kernel security fixes",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/11/04/22"
},
{
"name": "USN-2074-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2074-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/torvalds/linux/commit/8d1e72250c847fa96498ec029891de4dc638a5ba"
},
{
"name": "USN-2068-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2068-1"
},
{
"name": "openSUSE-SU-2014:0204",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00002.html"
},
{
"name": "USN-2072-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2072-1"
},
{
"name": "USN-2075-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2075-1"
},
{
"name": "USN-2067-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2067-1"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-4515",
"datePublished": "2013-11-12T01:00:00.000Z",
"dateReserved": "2013-06-12T00:00:00.000Z",
"dateUpdated": "2024-08-06T16:45:14.960Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…