
CVE-2013-2224

Published: 30 Jun 2013
Source: redhat
CVSS2: 6.9
EPSS: Low

Description

A certain Red Hat patch for the Linux kernel 2.6.32 on Red Hat Enterprise Linux (RHEL) 6 allows local users to cause a denial of service (invalid free operation and system crash) or possibly gain privileges via a sendmsg system call with the IP_RETOPTS option, as demonstrated by hemlock.c. NOTE: this vulnerability exists because of an incorrect fix for CVE-2012-3552.

Report

This issue did not affect the version of the kernel package as shipped with Red Hat Enterprise MRG 2. This issue affects the versions of Linux kernel as shipped with Red Hat Enterprise Linux 5 and Red Hat Enterprise Linux 6. Future kernel updates for Red Hat Enterprise Linux 5 and Red Hat Enterprise Linux 6 may address this issue.

Affected packages

| Platform | Package | State | Recommendation | Release |
| --- | --- | --- | --- | --- |
| Red Hat Enterprise Linux 7 | kernel | Not affected | | |
| Red Hat Enterprise MRG 2 | realtime-kernel | Not affected | | |
| OpenStack 3 for RHEL 6 | kernel | Fixed | RHSA-2013:1195 | 03.09.2013 |
| Red Hat Enterprise Linux 5 | kernel | Fixed | RHSA-2013:1166 | 20.08.2013 |
| Red Hat Enterprise Linux 6 | kernel | Fixed | RHSA-2013:1173 | 27.08.2013 |
| Red Hat Enterprise Linux 6.3 EUS - Server and Compute Node Only | kernel | Fixed | RHSA-2013:1450 | 22.10.2013 |


Additional information

Status: Important

https://bugzilla.redhat.com/show_bug.cgi?id=979936
kernel: net: IP_REPOPTS invalid free

EPSS: 0.00183 (Low), percentile: 40%

CVSS2: 6.9 Medium

Related vulnerabilities

ubuntu
about 12 years ago

A certain Red Hat patch for the Linux kernel 2.6.32 on Red Hat Enterprise Linux (RHEL) 6 allows local users to cause a denial of service (invalid free operation and system crash) or possibly gain privileges via a sendmsg system call with the IP_RETOPTS option, as demonstrated by hemlock.c. NOTE: this vulnerability exists because of an incorrect fix for CVE-2012-3552.

nvd
about 12 years ago

A certain Red Hat patch for the Linux kernel 2.6.32 on Red Hat Enterprise Linux (RHEL) 6 allows local users to cause a denial of service (invalid free operation and system crash) or possibly gain privileges via a sendmsg system call with the IP_RETOPTS option, as demonstrated by hemlock.c. NOTE: this vulnerability exists because of an incorrect fix for CVE-2012-3552.

debian
about 12 years ago

A certain Red Hat patch for the Linux kernel 2.6.32 on Red Hat Enterpr ...

github
about 3 years ago

A certain Red Hat patch for the Linux kernel 2.6.32 on Red Hat Enterprise Linux (RHEL) 6 allows local users to cause a denial of service (invalid free operation and system crash) or possibly gain privileges via a sendmsg system call with the IP_RETOPTS option, as demonstrated by hemlock.c. NOTE: this vulnerability exists because of an incorrect fix for CVE-2012-3552.

oracle-oval
almost 12 years ago

ELSA-2013-1173: kernel security and bug fix update (IMPORTANT)
