CVE-2013-1928

Опубликовано: 25 окт. 2012

Источник: redhat

CVSS2: 1.7

Описание

The do_video_set_spu_palette function in fs/compat_ioctl.c in the Linux kernel before 3.6.5 on unspecified architectures lacks a certain error check, which might allow local users to obtain sensitive information from kernel stack memory via a crafted VIDEO_SET_SPU_PALETTE ioctl call on a /dev/dvb device.

Отчет

This issue does not affect the versions of the kernel package as shipped with Red Hat Enterprise Linux 5 and Red Hat Enterprise MRG 2. This issue affects the version of Linux kernel as shipped with Red Hat Enterprise Linux 6. Future kernel updates for Red Hat Enterprise Linux 6 may address this issue.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 5	kernel	Not affected
Red Hat Enterprise MRG 2	realtime-kernel	Not affected
Red Hat Enterprise Linux 6	kernel	Fixed	RHSA-2013:1645	20.11.2013

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low

https://bugzilla.redhat.com/show_bug.cgi?id=949567Kernel: information leak in fs/compat_ioctl.c VIDEO_SET_SPU_PALETTE

1.7 Low

CVSS2

Связанные уязвимости

CVE-2013-1928

ubuntu

около 12 лет назад

CVE-2013-1928

nvd

около 12 лет назад

CVE-2013-1928

debian

около 12 лет назад

The do_video_set_spu_palette function in fs/compat_ioctl.c in the Linu ...

GHSA-fj24-32r9-v783

github

около 3 лет назад

ELSA-2013-2584

oracle-oval

больше 11 лет назад

ELSA-2013-2584: Unbreakable Enterprise Kernel security update (IMPORTANT)

1.7 Low

CVSS2