Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTA-2013-AVI-545
Vulnerability from certfr_avis
De multiples vulnérabilités ont été corrigées dans le noyau Linux de Mandriva. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service à distance et un déni de service.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Mandriva Business Server 1
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | |
|---|---|---|---|
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cP\u003eMandriva Business Server 1\u003c/P\u003e",
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2013-4162",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4162"
},
{
"name": "CVE-2013-2889",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2889"
},
{
"name": "CVE-2013-2897",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2897"
},
{
"name": "CVE-2013-4254",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4254"
},
{
"name": "CVE-2013-2892",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2892"
},
{
"name": "CVE-2013-2888",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2888"
},
{
"name": "CVE-2013-2895",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2895"
},
{
"name": "CVE-2013-4163",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4163"
},
{
"name": "CVE-2013-2899",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2899"
},
{
"name": "CVE-2013-2896",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2896"
},
{
"name": "CVE-2013-2893",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2893"
}
],
"initial_release_date": "2013-09-26T00:00:00",
"last_revision_date": "2013-09-26T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 Mandriva MDVSA-2013:242 du 26 septembre 2013",
"url": "http://www.mandriva.com/fr/support/security/advisories/mbs1/MDVSA-2013:242/"
}
],
"reference": "CERTA-2013-AVI-545",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2013-09-26T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans le noyau Linux de\n\u003cspan class=\"textit\"\u003eMandriva\u003c/span\u003e. Certaines d\u0027entre elles permettent\n\u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire, un d\u00e9ni de\nservice \u00e0 distance et un d\u00e9ni de service.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de Mandriva",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Mandriva MDVSA-2013:242 du 26 septembre 2013",
"url": null
}
]
}
CVE-2013-2897 (GCVE-0-2013-2897)
Vulnerability from cvelistv5
Published
2013-09-13 18:00
Modified
2024-08-06 15:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple array index errors in drivers/hid/hid-multitouch.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_MULTITOUCH is enabled, allow physically proximate attackers to cause a denial of service (heap memory corruption, or NULL pointer dereference and OOPS) via a crafted device.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:52:21.549Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-2015-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2015-1"
},
{
"name": "USN-2024-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2024-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.54"
},
{
"name": "62044",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/62044"
},
{
"name": "[linux-input] 20130828 [PATCH 11/14] HID: multitouch: validate feature report details",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=linux-input\u0026m=137772190214635\u0026w=1"
},
{
"name": "USN-2039-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2039-1"
},
{
"name": "USN-2022-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2022-1"
},
{
"name": "[oss-security] 20130828 Linux HID security flaws",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2013/08/28/13"
},
{
"name": "USN-2016-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2016-1"
},
{
"name": "USN-2038-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2038-1"
},
{
"name": "USN-2020-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2020-1"
},
{
"name": "USN-2021-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2021-1"
},
{
"name": "SUSE-SU-2015:0481",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html"
},
{
"name": "openSUSE-SU-2015:0566",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html"
},
{
"name": "USN-2019-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2019-1"
},
{
"name": "USN-2023-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2023-1"
},
{
"name": "USN-2050-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2050-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-08-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple array index errors in drivers/hid/hid-multitouch.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_MULTITOUCH is enabled, allow physically proximate attackers to cause a denial of service (heap memory corruption, or NULL pointer dereference and OOPS) via a crafted device."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-08T21:57:01",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"name": "USN-2015-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2015-1"
},
{
"name": "USN-2024-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2024-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.54"
},
{
"name": "62044",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/62044"
},
{
"name": "[linux-input] 20130828 [PATCH 11/14] HID: multitouch: validate feature report details",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=linux-input\u0026m=137772190214635\u0026w=1"
},
{
"name": "USN-2039-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2039-1"
},
{
"name": "USN-2022-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2022-1"
},
{
"name": "[oss-security] 20130828 Linux HID security flaws",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2013/08/28/13"
},
{
"name": "USN-2016-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2016-1"
},
{
"name": "USN-2038-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2038-1"
},
{
"name": "USN-2020-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2020-1"
},
{
"name": "USN-2021-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2021-1"
},
{
"name": "SUSE-SU-2015:0481",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html"
},
{
"name": "openSUSE-SU-2015:0566",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html"
},
{
"name": "USN-2019-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2019-1"
},
{
"name": "USN-2023-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2023-1"
},
{
"name": "USN-2050-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2050-1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2013-2897",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple array index errors in drivers/hid/hid-multitouch.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_MULTITOUCH is enabled, allow physically proximate attackers to cause a denial of service (heap memory corruption, or NULL pointer dereference and OOPS) via a crafted device."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-2015-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2015-1"
},
{
"name": "USN-2024-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2024-1"
},
{
"name": "https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.54",
"refsource": "CONFIRM",
"url": "https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.54"
},
{
"name": "62044",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/62044"
},
{
"name": "[linux-input] 20130828 [PATCH 11/14] HID: multitouch: validate feature report details",
"refsource": "MLIST",
"url": "http://marc.info/?l=linux-input\u0026m=137772190214635\u0026w=1"
},
{
"name": "USN-2039-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2039-1"
},
{
"name": "USN-2022-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2022-1"
},
{
"name": "[oss-security] 20130828 Linux HID security flaws",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2013/08/28/13"
},
{
"name": "USN-2016-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2016-1"
},
{
"name": "USN-2038-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2038-1"
},
{
"name": "USN-2020-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2020-1"
},
{
"name": "USN-2021-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2021-1"
},
{
"name": "SUSE-SU-2015:0481",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html"
},
{
"name": "openSUSE-SU-2015:0566",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html"
},
{
"name": "USN-2019-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2019-1"
},
{
"name": "USN-2023-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2023-1"
},
{
"name": "USN-2050-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2050-1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2013-2897",
"datePublished": "2013-09-13T18:00:00",
"dateReserved": "2013-04-11T00:00:00",
"dateUpdated": "2024-08-06T15:52:21.549Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-2899 (GCVE-0-2013-2899)
Vulnerability from cvelistv5
Published
2013-09-13 18:00
Modified
2024-08-06 15:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
drivers/hid/hid-picolcd_core.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_PICOLCD is enabled, allows physically proximate attackers to cause a denial of service (NULL pointer dereference and OOPS) via a crafted device.
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:52:21.569Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-2024-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2024-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.73"
},
{
"name": "USN-2039-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2039-1"
},
{
"name": "[linux-input] 20130828 [PATCH 13/14] HID: picolcd_core: validate output report details",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=linux-input\u0026m=137772191714649\u0026w=1"
},
{
"name": "USN-2022-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2022-1"
},
{
"name": "[oss-security] 20130828 Linux HID security flaws",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2013/08/28/13"
},
{
"name": "USN-1995-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1995-1"
},
{
"name": "USN-2038-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2038-1"
},
{
"name": "USN-2021-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2021-1"
},
{
"name": "SUSE-SU-2015:0481",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html"
},
{
"name": "openSUSE-SU-2015:0566",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html"
},
{
"name": "USN-2019-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2019-1"
},
{
"name": "USN-1998-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1998-1"
},
{
"name": "USN-2050-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2050-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-08-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "drivers/hid/hid-picolcd_core.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_PICOLCD is enabled, allows physically proximate attackers to cause a denial of service (NULL pointer dereference and OOPS) via a crafted device."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-03-24T16:57:00",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"name": "USN-2024-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2024-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.73"
},
{
"name": "USN-2039-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2039-1"
},
{
"name": "[linux-input] 20130828 [PATCH 13/14] HID: picolcd_core: validate output report details",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=linux-input\u0026m=137772191714649\u0026w=1"
},
{
"name": "USN-2022-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2022-1"
},
{
"name": "[oss-security] 20130828 Linux HID security flaws",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2013/08/28/13"
},
{
"name": "USN-1995-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1995-1"
},
{
"name": "USN-2038-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2038-1"
},
{
"name": "USN-2021-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2021-1"
},
{
"name": "SUSE-SU-2015:0481",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html"
},
{
"name": "openSUSE-SU-2015:0566",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html"
},
{
"name": "USN-2019-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2019-1"
},
{
"name": "USN-1998-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1998-1"
},
{
"name": "USN-2050-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2050-1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2013-2899",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "drivers/hid/hid-picolcd_core.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_PICOLCD is enabled, allows physically proximate attackers to cause a denial of service (NULL pointer dereference and OOPS) via a crafted device."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-2024-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2024-1"
},
{
"name": "https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.73",
"refsource": "CONFIRM",
"url": "https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.73"
},
{
"name": "USN-2039-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2039-1"
},
{
"name": "[linux-input] 20130828 [PATCH 13/14] HID: picolcd_core: validate output report details",
"refsource": "MLIST",
"url": "http://marc.info/?l=linux-input\u0026m=137772191714649\u0026w=1"
},
{
"name": "USN-2022-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2022-1"
},
{
"name": "[oss-security] 20130828 Linux HID security flaws",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2013/08/28/13"
},
{
"name": "USN-1995-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1995-1"
},
{
"name": "USN-2038-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2038-1"
},
{
"name": "USN-2021-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2021-1"
},
{
"name": "SUSE-SU-2015:0481",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html"
},
{
"name": "openSUSE-SU-2015:0566",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html"
},
{
"name": "USN-2019-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2019-1"
},
{
"name": "USN-1998-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1998-1"
},
{
"name": "USN-2050-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2050-1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2013-2899",
"datePublished": "2013-09-13T18:00:00",
"dateReserved": "2013-04-11T00:00:00",
"dateUpdated": "2024-08-06T15:52:21.569Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-2896 (GCVE-0-2013-2896)
Vulnerability from cvelistv5
Published
2013-09-13 18:00
Modified
2024-08-06 15:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
drivers/hid/hid-ntrig.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_NTRIG is enabled, allows physically proximate attackers to cause a denial of service (NULL pointer dereference and OOPS) via a crafted device.
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:52:21.536Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-2024-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2024-1"
},
{
"name": "RHSA-2013:1490",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1490.html"
},
{
"name": "USN-2039-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2039-1"
},
{
"name": "USN-2022-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2022-1"
},
{
"name": "[oss-security] 20130828 Linux HID security flaws",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2013/08/28/13"
},
{
"name": "USN-1995-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1995-1"
},
{
"name": "USN-2038-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2038-1"
},
{
"name": "USN-2021-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2021-1"
},
{
"name": "[linux-input] 20130828 [PATCH 10/14] HID: ntrig: validate feature report details",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=linux-input\u0026m=137772189314633\u0026w=1"
},
{
"name": "USN-2019-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2019-1"
},
{
"name": "USN-1998-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1998-1"
},
{
"name": "USN-2050-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2050-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-08-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "drivers/hid/hid-ntrig.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_NTRIG is enabled, allows physically proximate attackers to cause a denial of service (NULL pointer dereference and OOPS) via a crafted device."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-12-30T19:57:01",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"name": "USN-2024-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2024-1"
},
{
"name": "RHSA-2013:1490",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1490.html"
},
{
"name": "USN-2039-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2039-1"
},
{
"name": "USN-2022-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2022-1"
},
{
"name": "[oss-security] 20130828 Linux HID security flaws",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2013/08/28/13"
},
{
"name": "USN-1995-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1995-1"
},
{
"name": "USN-2038-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2038-1"
},
{
"name": "USN-2021-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2021-1"
},
{
"name": "[linux-input] 20130828 [PATCH 10/14] HID: ntrig: validate feature report details",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=linux-input\u0026m=137772189314633\u0026w=1"
},
{
"name": "USN-2019-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2019-1"
},
{
"name": "USN-1998-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1998-1"
},
{
"name": "USN-2050-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2050-1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2013-2896",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "drivers/hid/hid-ntrig.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_NTRIG is enabled, allows physically proximate attackers to cause a denial of service (NULL pointer dereference and OOPS) via a crafted device."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-2024-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2024-1"
},
{
"name": "RHSA-2013:1490",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1490.html"
},
{
"name": "USN-2039-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2039-1"
},
{
"name": "USN-2022-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2022-1"
},
{
"name": "[oss-security] 20130828 Linux HID security flaws",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2013/08/28/13"
},
{
"name": "USN-1995-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1995-1"
},
{
"name": "USN-2038-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2038-1"
},
{
"name": "USN-2021-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2021-1"
},
{
"name": "[linux-input] 20130828 [PATCH 10/14] HID: ntrig: validate feature report details",
"refsource": "MLIST",
"url": "http://marc.info/?l=linux-input\u0026m=137772189314633\u0026w=1"
},
{
"name": "USN-2019-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2019-1"
},
{
"name": "USN-1998-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1998-1"
},
{
"name": "USN-2050-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2050-1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2013-2896",
"datePublished": "2013-09-13T18:00:00",
"dateReserved": "2013-04-11T00:00:00",
"dateUpdated": "2024-08-06T15:52:21.536Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-2893 (GCVE-0-2013-2893)
Vulnerability from cvelistv5
Published
2013-09-13 18:00
Modified
2024-08-06 15:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_LOGITECH_FF, CONFIG_LOGIG940_FF, or CONFIG_LOGIWHEELS_FF is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device, related to (1) drivers/hid/hid-lgff.c, (2) drivers/hid/hid-lg3ff.c, and (3) drivers/hid/hid-lg4ff.c.
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:52:21.337Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-2015-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2015-1"
},
{
"name": "USN-2024-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2024-1"
},
{
"name": "[linux-input] 20130828 [PATCH 07/14] HID: LG: validate HID output report details",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=linux-input\u0026m=137772186714627\u0026w=1"
},
{
"name": "RHSA-2013:1490",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1490.html"
},
{
"name": "USN-2039-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2039-1"
},
{
"name": "USN-2022-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2022-1"
},
{
"name": "[oss-security] 20130828 Linux HID security flaws",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2013/08/28/13"
},
{
"name": "USN-2016-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2016-1"
},
{
"name": "USN-2038-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2038-1"
},
{
"name": "USN-2020-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2020-1"
},
{
"name": "USN-2021-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2021-1"
},
{
"name": "SUSE-SU-2015:0481",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html"
},
{
"name": "openSUSE-SU-2015:0566",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html"
},
{
"name": "USN-2019-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2019-1"
},
{
"name": "62050",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/62050"
},
{
"name": "USN-2023-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2023-1"
},
{
"name": "USN-2050-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2050-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-08-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_LOGITECH_FF, CONFIG_LOGIG940_FF, or CONFIG_LOGIWHEELS_FF is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device, related to (1) drivers/hid/hid-lgff.c, (2) drivers/hid/hid-lg3ff.c, and (3) drivers/hid/hid-lg4ff.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-08T21:57:01",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"name": "USN-2015-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2015-1"
},
{
"name": "USN-2024-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2024-1"
},
{
"name": "[linux-input] 20130828 [PATCH 07/14] HID: LG: validate HID output report details",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=linux-input\u0026m=137772186714627\u0026w=1"
},
{
"name": "RHSA-2013:1490",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1490.html"
},
{
"name": "USN-2039-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2039-1"
},
{
"name": "USN-2022-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2022-1"
},
{
"name": "[oss-security] 20130828 Linux HID security flaws",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2013/08/28/13"
},
{
"name": "USN-2016-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2016-1"
},
{
"name": "USN-2038-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2038-1"
},
{
"name": "USN-2020-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2020-1"
},
{
"name": "USN-2021-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2021-1"
},
{
"name": "SUSE-SU-2015:0481",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html"
},
{
"name": "openSUSE-SU-2015:0566",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html"
},
{
"name": "USN-2019-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2019-1"
},
{
"name": "62050",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/62050"
},
{
"name": "USN-2023-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2023-1"
},
{
"name": "USN-2050-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2050-1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2013-2893",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_LOGITECH_FF, CONFIG_LOGIG940_FF, or CONFIG_LOGIWHEELS_FF is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device, related to (1) drivers/hid/hid-lgff.c, (2) drivers/hid/hid-lg3ff.c, and (3) drivers/hid/hid-lg4ff.c."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-2015-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2015-1"
},
{
"name": "USN-2024-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2024-1"
},
{
"name": "[linux-input] 20130828 [PATCH 07/14] HID: LG: validate HID output report details",
"refsource": "MLIST",
"url": "http://marc.info/?l=linux-input\u0026m=137772186714627\u0026w=1"
},
{
"name": "RHSA-2013:1490",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1490.html"
},
{
"name": "USN-2039-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2039-1"
},
{
"name": "USN-2022-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2022-1"
},
{
"name": "[oss-security] 20130828 Linux HID security flaws",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2013/08/28/13"
},
{
"name": "USN-2016-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2016-1"
},
{
"name": "USN-2038-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2038-1"
},
{
"name": "USN-2020-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2020-1"
},
{
"name": "USN-2021-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2021-1"
},
{
"name": "SUSE-SU-2015:0481",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html"
},
{
"name": "openSUSE-SU-2015:0566",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html"
},
{
"name": "USN-2019-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2019-1"
},
{
"name": "62050",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/62050"
},
{
"name": "USN-2023-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2023-1"
},
{
"name": "USN-2050-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2050-1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2013-2893",
"datePublished": "2013-09-13T18:00:00",
"dateReserved": "2013-04-11T00:00:00",
"dateUpdated": "2024-08-06T15:52:21.337Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4162 (GCVE-0-2013-4162)
Vulnerability from cvelistv5
Published
2013-07-28 18:00
Modified
2024-08-06 16:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The udp_v6_push_pending_frames function in net/ipv6/udp.c in the IPv6 implementation in the Linux kernel through 3.10.3 makes an incorrect function call for pending data, which allows local users to cause a denial of service (BUG and system crash) via a crafted application that uses the UDP_CORK option in a setsockopt system call.
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:30:49.992Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2013:1436",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1436.html"
},
{
"name": "USN-1943-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1943-1"
},
{
"name": "[oss-security] 20130723 Re: CVE Request: Linux kernel: panic while pushing pending data out of an IPv6 socket with UDP_CORK enabled.",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/07/23/9"
},
{
"name": "61411",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/61411"
},
{
"name": "SUSE-SU-2013:1473",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-09/msg00003.html"
},
{
"name": "USN-1938-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1938-1"
},
{
"name": "USN-1944-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1944-1"
},
{
"name": "USN-1945-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1945-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8822b64a0fa64a5dd1dfcf837c5b0be83f8c05d1"
},
{
"name": "RHSA-2013:1520",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1520.html"
},
{
"name": "openSUSE-SU-2013:1971",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00129.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/torvalds/linux/commit/8822b64a0fa64a5dd1dfcf837c5b0be83f8c05d1"
},
{
"name": "USN-1939-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1939-1"
},
{
"name": "SUSE-SU-2013:1474",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-09/msg00004.html"
},
{
"name": "USN-1947-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1947-1"
},
{
"name": "54148",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/54148"
},
{
"name": "RHSA-2013:1460",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1460.html"
},
{
"name": "USN-1941-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1941-1"
},
{
"name": "55055",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/55055"
},
{
"name": "USN-1942-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1942-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=987627"
},
{
"name": "USN-1946-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1946-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-07-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The udp_v6_push_pending_frames function in net/ipv6/udp.c in the IPv6 implementation in the Linux kernel through 3.10.3 makes an incorrect function call for pending data, which allows local users to cause a denial of service (BUG and system crash) via a crafted application that uses the UDP_CORK option in a setsockopt system call."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-01-02T14:57:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2013:1436",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1436.html"
},
{
"name": "USN-1943-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1943-1"
},
{
"name": "[oss-security] 20130723 Re: CVE Request: Linux kernel: panic while pushing pending data out of an IPv6 socket with UDP_CORK enabled.",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/07/23/9"
},
{
"name": "61411",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/61411"
},
{
"name": "SUSE-SU-2013:1473",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-09/msg00003.html"
},
{
"name": "USN-1938-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1938-1"
},
{
"name": "USN-1944-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1944-1"
},
{
"name": "USN-1945-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1945-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8822b64a0fa64a5dd1dfcf837c5b0be83f8c05d1"
},
{
"name": "RHSA-2013:1520",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1520.html"
},
{
"name": "openSUSE-SU-2013:1971",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00129.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/torvalds/linux/commit/8822b64a0fa64a5dd1dfcf837c5b0be83f8c05d1"
},
{
"name": "USN-1939-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1939-1"
},
{
"name": "SUSE-SU-2013:1474",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-09/msg00004.html"
},
{
"name": "USN-1947-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1947-1"
},
{
"name": "54148",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/54148"
},
{
"name": "RHSA-2013:1460",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1460.html"
},
{
"name": "USN-1941-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1941-1"
},
{
"name": "55055",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/55055"
},
{
"name": "USN-1942-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1942-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=987627"
},
{
"name": "USN-1946-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1946-1"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-4162",
"datePublished": "2013-07-28T18:00:00",
"dateReserved": "2013-06-12T00:00:00",
"dateUpdated": "2024-08-06T16:30:49.992Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4163 (GCVE-0-2013-4163)
Vulnerability from cvelistv5
Published
2013-07-28 18:00
Modified
2024-08-06 16:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The ip6_append_data_mtu function in net/ipv6/ip6_output.c in the IPv6 implementation in the Linux kernel through 3.10.3 does not properly maintain information about whether the IPV6_MTU setsockopt option had been specified, which allows local users to cause a denial of service (BUG and system crash) via a crafted application that uses the UDP_CORK option in a setsockopt system call.
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:30:50.075Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-1943-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1943-1"
},
{
"name": "[oss-security] 20130723 Re: CVE request: Linux kernel: panic while appending data to a corked IPv6 socket in ip6_append_data_mtu",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/07/23/10"
},
{
"name": "SUSE-SU-2013:1473",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-09/msg00003.html"
},
{
"name": "USN-1938-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1938-1"
},
{
"name": "61412",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/61412"
},
{
"name": "USN-1944-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1944-1"
},
{
"name": "USN-1945-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1945-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=75a493e60ac4bbe2e977e7129d6d8cbb0dd236be"
},
{
"name": "SUSE-SU-2013:1474",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-09/msg00004.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=987633"
},
{
"name": "USN-1947-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1947-1"
},
{
"name": "54148",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/54148"
},
{
"name": "USN-1941-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1941-1"
},
{
"name": "USN-1942-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1942-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/torvalds/linux/commit/75a493e60ac4bbe2e977e7129d6d8cbb0dd236be"
},
{
"name": "USN-1946-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1946-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-07-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The ip6_append_data_mtu function in net/ipv6/ip6_output.c in the IPv6 implementation in the Linux kernel through 3.10.3 does not properly maintain information about whether the IPV6_MTU setsockopt option had been specified, which allows local users to cause a denial of service (BUG and system crash) via a crafted application that uses the UDP_CORK option in a setsockopt system call."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-08-22T09:00:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "USN-1943-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1943-1"
},
{
"name": "[oss-security] 20130723 Re: CVE request: Linux kernel: panic while appending data to a corked IPv6 socket in ip6_append_data_mtu",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/07/23/10"
},
{
"name": "SUSE-SU-2013:1473",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-09/msg00003.html"
},
{
"name": "USN-1938-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1938-1"
},
{
"name": "61412",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/61412"
},
{
"name": "USN-1944-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1944-1"
},
{
"name": "USN-1945-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1945-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=75a493e60ac4bbe2e977e7129d6d8cbb0dd236be"
},
{
"name": "SUSE-SU-2013:1474",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-09/msg00004.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=987633"
},
{
"name": "USN-1947-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1947-1"
},
{
"name": "54148",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/54148"
},
{
"name": "USN-1941-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1941-1"
},
{
"name": "USN-1942-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1942-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/torvalds/linux/commit/75a493e60ac4bbe2e977e7129d6d8cbb0dd236be"
},
{
"name": "USN-1946-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1946-1"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-4163",
"datePublished": "2013-07-28T18:00:00",
"dateReserved": "2013-06-12T00:00:00",
"dateUpdated": "2024-08-06T16:30:50.075Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-2889 (GCVE-0-2013-2889)
Vulnerability from cvelistv5
Published
2013-09-13 18:00
Modified
2024-08-06 15:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
drivers/hid/hid-zpff.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_ZEROPLUS is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device.
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:52:21.588Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-2015-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2015-1"
},
{
"name": "USN-2024-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2024-1"
},
{
"name": "USN-2039-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2039-1"
},
{
"name": "USN-2022-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2022-1"
},
{
"name": "[oss-security] 20130828 Linux HID security flaws",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2013/08/28/13"
},
{
"name": "RHSA-2013:1645",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1645.html"
},
{
"name": "USN-2016-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2016-1"
},
{
"name": "USN-2038-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2038-1"
},
{
"name": "USN-2020-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2020-1"
},
{
"name": "USN-2021-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2021-1"
},
{
"name": "USN-2019-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2019-1"
},
{
"name": "62042",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/62042"
},
{
"name": "[linux-input] 20130828 [PATCH 03/14] HID: zeroplus: validate output report details",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=linux-input\u0026m=137772182014614\u0026w=1"
},
{
"name": "USN-2023-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2023-1"
},
{
"name": "USN-2050-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2050-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-08-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "drivers/hid/hid-zpff.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_ZEROPLUS is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-08T21:57:01",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"name": "USN-2015-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2015-1"
},
{
"name": "USN-2024-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2024-1"
},
{
"name": "USN-2039-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2039-1"
},
{
"name": "USN-2022-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2022-1"
},
{
"name": "[oss-security] 20130828 Linux HID security flaws",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2013/08/28/13"
},
{
"name": "RHSA-2013:1645",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1645.html"
},
{
"name": "USN-2016-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2016-1"
},
{
"name": "USN-2038-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2038-1"
},
{
"name": "USN-2020-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2020-1"
},
{
"name": "USN-2021-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2021-1"
},
{
"name": "USN-2019-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2019-1"
},
{
"name": "62042",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/62042"
},
{
"name": "[linux-input] 20130828 [PATCH 03/14] HID: zeroplus: validate output report details",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=linux-input\u0026m=137772182014614\u0026w=1"
},
{
"name": "USN-2023-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2023-1"
},
{
"name": "USN-2050-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2050-1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2013-2889",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "drivers/hid/hid-zpff.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_ZEROPLUS is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-2015-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2015-1"
},
{
"name": "USN-2024-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2024-1"
},
{
"name": "USN-2039-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2039-1"
},
{
"name": "USN-2022-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2022-1"
},
{
"name": "[oss-security] 20130828 Linux HID security flaws",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2013/08/28/13"
},
{
"name": "RHSA-2013:1645",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1645.html"
},
{
"name": "USN-2016-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2016-1"
},
{
"name": "USN-2038-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2038-1"
},
{
"name": "USN-2020-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2020-1"
},
{
"name": "USN-2021-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2021-1"
},
{
"name": "USN-2019-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2019-1"
},
{
"name": "62042",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/62042"
},
{
"name": "[linux-input] 20130828 [PATCH 03/14] HID: zeroplus: validate output report details",
"refsource": "MLIST",
"url": "http://marc.info/?l=linux-input\u0026m=137772182014614\u0026w=1"
},
{
"name": "USN-2023-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2023-1"
},
{
"name": "USN-2050-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2050-1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2013-2889",
"datePublished": "2013-09-13T18:00:00",
"dateReserved": "2013-04-11T00:00:00",
"dateUpdated": "2024-08-06T15:52:21.588Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-2888 (GCVE-0-2013-2888)
Vulnerability from cvelistv5
Published
2013-09-13 18:00
Modified
2024-08-06 15:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple array index errors in drivers/hid/hid-core.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11 allow physically proximate attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted device that provides an invalid Report ID.
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:52:20.678Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-2024-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2024-1"
},
{
"name": "[linux-input] 20130828 [PATCH 01/14] HID: validate HID report id size",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=linux-input\u0026m=137772180514608\u0026w=1"
},
{
"name": "RHSA-2013:1490",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1490.html"
},
{
"name": "USN-1977-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1977-1"
},
{
"name": "USN-2039-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2039-1"
},
{
"name": "USN-2022-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2022-1"
},
{
"name": "[oss-security] 20130828 Linux HID security flaws",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2013/08/28/13"
},
{
"name": "RHSA-2013:1645",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1645.html"
},
{
"name": "USN-1995-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1995-1"
},
{
"name": "USN-2038-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2038-1"
},
{
"name": "DSA-2766",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2013/dsa-2766"
},
{
"name": "USN-2021-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2021-1"
},
{
"name": "USN-1976-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1976-1"
},
{
"name": "USN-2019-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2019-1"
},
{
"name": "USN-1998-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1998-1"
},
{
"name": "USN-2050-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2050-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-08-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple array index errors in drivers/hid/hid-core.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11 allow physically proximate attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted device that provides an invalid Report ID."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-12-30T19:57:01",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"name": "USN-2024-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2024-1"
},
{
"name": "[linux-input] 20130828 [PATCH 01/14] HID: validate HID report id size",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=linux-input\u0026m=137772180514608\u0026w=1"
},
{
"name": "RHSA-2013:1490",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1490.html"
},
{
"name": "USN-1977-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1977-1"
},
{
"name": "USN-2039-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2039-1"
},
{
"name": "USN-2022-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2022-1"
},
{
"name": "[oss-security] 20130828 Linux HID security flaws",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2013/08/28/13"
},
{
"name": "RHSA-2013:1645",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1645.html"
},
{
"name": "USN-1995-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1995-1"
},
{
"name": "USN-2038-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2038-1"
},
{
"name": "DSA-2766",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2013/dsa-2766"
},
{
"name": "USN-2021-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2021-1"
},
{
"name": "USN-1976-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1976-1"
},
{
"name": "USN-2019-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2019-1"
},
{
"name": "USN-1998-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1998-1"
},
{
"name": "USN-2050-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2050-1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2013-2888",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple array index errors in drivers/hid/hid-core.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11 allow physically proximate attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted device that provides an invalid Report ID."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-2024-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2024-1"
},
{
"name": "[linux-input] 20130828 [PATCH 01/14] HID: validate HID report id size",
"refsource": "MLIST",
"url": "http://marc.info/?l=linux-input\u0026m=137772180514608\u0026w=1"
},
{
"name": "RHSA-2013:1490",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1490.html"
},
{
"name": "USN-1977-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1977-1"
},
{
"name": "USN-2039-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2039-1"
},
{
"name": "USN-2022-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2022-1"
},
{
"name": "[oss-security] 20130828 Linux HID security flaws",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2013/08/28/13"
},
{
"name": "RHSA-2013:1645",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1645.html"
},
{
"name": "USN-1995-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1995-1"
},
{
"name": "USN-2038-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2038-1"
},
{
"name": "DSA-2766",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2013/dsa-2766"
},
{
"name": "USN-2021-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2021-1"
},
{
"name": "USN-1976-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1976-1"
},
{
"name": "USN-2019-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2019-1"
},
{
"name": "USN-1998-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1998-1"
},
{
"name": "USN-2050-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2050-1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2013-2888",
"datePublished": "2013-09-13T18:00:00",
"dateReserved": "2013-04-11T00:00:00",
"dateUpdated": "2024-08-06T15:52:20.678Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-2892 (GCVE-0-2013-2892)
Vulnerability from cvelistv5
Published
2013-09-13 18:00
Modified
2024-08-06 15:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
drivers/hid/hid-pl.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_PANTHERLORD is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device.
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:52:21.020Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-2024-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2024-1"
},
{
"name": "RHSA-2013:1490",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1490.html"
},
{
"name": "USN-1977-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1977-1"
},
{
"name": "USN-2039-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2039-1"
},
{
"name": "USN-2022-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2022-1"
},
{
"name": "[oss-security] 20130828 Linux HID security flaws",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2013/08/28/13"
},
{
"name": "RHSA-2013:1645",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1645.html"
},
{
"name": "USN-1995-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1995-1"
},
{
"name": "USN-2038-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2038-1"
},
{
"name": "DSA-2766",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2013/dsa-2766"
},
{
"name": "USN-2021-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2021-1"
},
{
"name": "USN-1976-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1976-1"
},
{
"name": "USN-2019-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2019-1"
},
{
"name": "62049",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/62049"
},
{
"name": "USN-1998-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1998-1"
},
{
"name": "[linux-input] 20130828 [PATCH 06/14] HID: pantherlord: validate output report details",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=linux-input\u0026m=137772185414625\u0026w=1"
},
{
"name": "USN-2050-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2050-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-08-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "drivers/hid/hid-pl.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_PANTHERLORD is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-29T18:57:01",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"name": "USN-2024-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2024-1"
},
{
"name": "RHSA-2013:1490",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1490.html"
},
{
"name": "USN-1977-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1977-1"
},
{
"name": "USN-2039-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2039-1"
},
{
"name": "USN-2022-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2022-1"
},
{
"name": "[oss-security] 20130828 Linux HID security flaws",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2013/08/28/13"
},
{
"name": "RHSA-2013:1645",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1645.html"
},
{
"name": "USN-1995-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1995-1"
},
{
"name": "USN-2038-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2038-1"
},
{
"name": "DSA-2766",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2013/dsa-2766"
},
{
"name": "USN-2021-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2021-1"
},
{
"name": "USN-1976-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1976-1"
},
{
"name": "USN-2019-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2019-1"
},
{
"name": "62049",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/62049"
},
{
"name": "USN-1998-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1998-1"
},
{
"name": "[linux-input] 20130828 [PATCH 06/14] HID: pantherlord: validate output report details",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=linux-input\u0026m=137772185414625\u0026w=1"
},
{
"name": "USN-2050-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2050-1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2013-2892",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "drivers/hid/hid-pl.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_PANTHERLORD is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-2024-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2024-1"
},
{
"name": "RHSA-2013:1490",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1490.html"
},
{
"name": "USN-1977-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1977-1"
},
{
"name": "USN-2039-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2039-1"
},
{
"name": "USN-2022-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2022-1"
},
{
"name": "[oss-security] 20130828 Linux HID security flaws",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2013/08/28/13"
},
{
"name": "RHSA-2013:1645",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1645.html"
},
{
"name": "USN-1995-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1995-1"
},
{
"name": "USN-2038-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2038-1"
},
{
"name": "DSA-2766",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2013/dsa-2766"
},
{
"name": "USN-2021-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2021-1"
},
{
"name": "USN-1976-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1976-1"
},
{
"name": "USN-2019-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2019-1"
},
{
"name": "62049",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/62049"
},
{
"name": "USN-1998-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1998-1"
},
{
"name": "[linux-input] 20130828 [PATCH 06/14] HID: pantherlord: validate output report details",
"refsource": "MLIST",
"url": "http://marc.info/?l=linux-input\u0026m=137772185414625\u0026w=1"
},
{
"name": "USN-2050-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2050-1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2013-2892",
"datePublished": "2013-09-13T18:00:00",
"dateReserved": "2013-04-11T00:00:00",
"dateUpdated": "2024-08-06T15:52:21.020Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4254 (GCVE-0-2013-4254)
Vulnerability from cvelistv5
Published
2013-08-25 01:00
Modified
2024-08-06 16:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The validate_event function in arch/arm/kernel/perf_event.c in the Linux kernel before 3.10.8 on the ARM platform allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) by adding a hardware event to an event group led by a software event.
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:38:01.851Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-1970-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1970-1"
},
{
"name": "54494",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/54494"
},
{
"name": "USN-1975-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1975-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c95eb3184ea1a3a2551df57190c81da695e2144b"
},
{
"name": "USN-1971-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1971-1"
},
{
"name": "USN-1968-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1968-1"
},
{
"name": "USN-1969-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1969-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=998878"
},
{
"name": "USN-1973-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1973-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/torvalds/linux/commit/c95eb3184ea1a3a2551df57190c81da695e2144b"
},
{
"name": "USN-1974-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1974-1"
},
{
"name": "[oss-security] 20130816 Re: CVE Request: linux-kernel priviledge escalation on ARM/perf",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/08/16/6"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.8"
},
{
"name": "USN-1972-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1972-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-08-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The validate_event function in arch/arm/kernel/perf_event.c in the Linux kernel before 3.10.8 on the ARM platform allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) by adding a hardware event to an event group led by a software event."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-09-12T09:00:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "USN-1970-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1970-1"
},
{
"name": "54494",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/54494"
},
{
"name": "USN-1975-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1975-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c95eb3184ea1a3a2551df57190c81da695e2144b"
},
{
"name": "USN-1971-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1971-1"
},
{
"name": "USN-1968-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1968-1"
},
{
"name": "USN-1969-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1969-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=998878"
},
{
"name": "USN-1973-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1973-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/torvalds/linux/commit/c95eb3184ea1a3a2551df57190c81da695e2144b"
},
{
"name": "USN-1974-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1974-1"
},
{
"name": "[oss-security] 20130816 Re: CVE Request: linux-kernel priviledge escalation on ARM/perf",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/08/16/6"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.8"
},
{
"name": "USN-1972-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1972-1"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-4254",
"datePublished": "2013-08-25T01:00:00",
"dateReserved": "2013-06-12T00:00:00",
"dateUpdated": "2024-08-06T16:38:01.851Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-2895 (GCVE-0-2013-2895)
Vulnerability from cvelistv5
Published
2013-09-13 18:00
Modified
2024-08-06 15:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
drivers/hid/hid-logitech-dj.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_LOGITECH_DJ is enabled, allows physically proximate attackers to cause a denial of service (NULL pointer dereference and OOPS) or obtain sensitive information from kernel memory via a crafted device.
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:52:21.363Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-2024-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2024-1"
},
{
"name": "RHSA-2013:1490",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1490.html"
},
{
"name": "USN-2039-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2039-1"
},
{
"name": "USN-2022-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2022-1"
},
{
"name": "[oss-security] 20130828 Linux HID security flaws",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2013/08/28/13"
},
{
"name": "USN-2038-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2038-1"
},
{
"name": "USN-2020-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2020-1"
},
{
"name": "USN-2021-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2021-1"
},
{
"name": "USN-2019-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2019-1"
},
{
"name": "USN-2023-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2023-1"
},
{
"name": "USN-2050-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2050-1"
},
{
"name": "[linux-input] 20130828 [PATCH 09/14] HID: logitech-dj: validate output report details",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=linux-input\u0026m=137772188314631\u0026w=1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-08-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "drivers/hid/hid-logitech-dj.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_LOGITECH_DJ is enabled, allows physically proximate attackers to cause a denial of service (NULL pointer dereference and OOPS) or obtain sensitive information from kernel memory via a crafted device."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-12-30T19:57:01",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"name": "USN-2024-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2024-1"
},
{
"name": "RHSA-2013:1490",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1490.html"
},
{
"name": "USN-2039-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2039-1"
},
{
"name": "USN-2022-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2022-1"
},
{
"name": "[oss-security] 20130828 Linux HID security flaws",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2013/08/28/13"
},
{
"name": "USN-2038-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2038-1"
},
{
"name": "USN-2020-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2020-1"
},
{
"name": "USN-2021-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2021-1"
},
{
"name": "USN-2019-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2019-1"
},
{
"name": "USN-2023-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2023-1"
},
{
"name": "USN-2050-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2050-1"
},
{
"name": "[linux-input] 20130828 [PATCH 09/14] HID: logitech-dj: validate output report details",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=linux-input\u0026m=137772188314631\u0026w=1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2013-2895",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "drivers/hid/hid-logitech-dj.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_LOGITECH_DJ is enabled, allows physically proximate attackers to cause a denial of service (NULL pointer dereference and OOPS) or obtain sensitive information from kernel memory via a crafted device."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-2024-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2024-1"
},
{
"name": "RHSA-2013:1490",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1490.html"
},
{
"name": "USN-2039-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2039-1"
},
{
"name": "USN-2022-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2022-1"
},
{
"name": "[oss-security] 20130828 Linux HID security flaws",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2013/08/28/13"
},
{
"name": "USN-2038-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2038-1"
},
{
"name": "USN-2020-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2020-1"
},
{
"name": "USN-2021-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2021-1"
},
{
"name": "USN-2019-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2019-1"
},
{
"name": "USN-2023-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2023-1"
},
{
"name": "USN-2050-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2050-1"
},
{
"name": "[linux-input] 20130828 [PATCH 09/14] HID: logitech-dj: validate output report details",
"refsource": "MLIST",
"url": "http://marc.info/?l=linux-input\u0026m=137772188314631\u0026w=1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2013-2895",
"datePublished": "2013-09-13T18:00:00",
"dateReserved": "2013-04-11T00:00:00",
"dateUpdated": "2024-08-06T15:52:21.363Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…