Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2013-4588

Опубликовано: 11 нояб. 2013
Источник: redhat
CVSS2: 6.6

Описание

Multiple stack-based buffer overflows in net/netfilter/ipvs/ip_vs_ctl.c in the Linux kernel before 2.6.33, when CONFIG_IP_VS is used, allow local users to gain privileges by leveraging the CAP_NET_ADMIN capability for (1) a getsockopt system call, related to the do_ip_vs_get_ctl function, or (2) a setsockopt system call, related to the do_ip_vs_set_ctl function.

Отчет

The Red Hat Security Response Team does not consider this issue to be a security flaw. Please see http://seclists.org/oss-sec/2014/q1/174 for CVE REJECT request and further information.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5kernelNot affected
Red Hat Enterprise Linux 6kernelNot affected
Red Hat Enterprise Linux 7kernelNot affected
Red Hat Enterprise Linux Extended Update Support 6.4kernelNot affected
Red Hat Enterprise MRG 2realtime-kernelNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Дефект:
CWE-121
https://bugzilla.redhat.com/show_bug.cgi?id=1030800Kernel: net: ipvs: stack buffer overflow

6.6 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2013-4588

CVSS3: 7
ubuntu
около 12 лет назад

Multiple stack-based buffer overflows in net/netfilter/ipvs/ip_vs_ctl.c in the Linux kernel before 2.6.33, when CONFIG_IP_VS is used, allow local users to gain privileges by leveraging the CAP_NET_ADMIN capability for (1) a getsockopt system call, related to the do_ip_vs_get_ctl function, or (2) a setsockopt system call, related to the do_ip_vs_set_ctl function. A user/program with CAP_NET_ADMIN privileges could use this flaw to further escalate their privileges on a system.

nvd логотип

CVE-2013-4588

CVSS3: 7
nvd
около 12 лет назад

Multiple stack-based buffer overflows in net/netfilter/ipvs/ip_vs_ctl.c in the Linux kernel before 2.6.33, when CONFIG_IP_VS is used, allow local users to gain privileges by leveraging the CAP_NET_ADMIN capability for (1) a getsockopt system call, related to the do_ip_vs_get_ctl function, or (2) a setsockopt system call, related to the do_ip_vs_set_ctl function.

debian логотип

CVE-2013-4588

CVSS3: 7
debian
около 12 лет назад

Multiple stack-based buffer overflows in net/netfilter/ipvs/ip_vs_ctl. ...

github логотип

GHSA-h3c6-f59r-9hjh

CVSS3: 7
github
больше 3 лет назад

Multiple stack-based buffer overflows in net/netfilter/ipvs/ip_vs_ctl.c in the Linux kernel before 2.6.33, when CONFIG_IP_VS is used, allow local users to gain privileges by leveraging the CAP_NET_ADMIN capability for (1) a getsockopt system call, related to the do_ip_vs_get_ctl function, or (2) a setsockopt system call, related to the do_ip_vs_set_ctl function.

suse-cvrf логотип

SUSE-SU-2015:0652-1

suse-cvrf
почти 14 лет назад

Security update for Kernel

6.6 Medium

CVSS2