Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2013-7263

Опубликовано: 18 нояб. 2013
Источник: redhat
CVSS2: 2.1

Описание

The Linux kernel before 3.12.4 updates certain length values before ensuring that associated data structures have been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call, related to net/ipv4/ping.c, net/ipv4/raw.c, net/ipv4/udp.c, net/ipv6/raw.c, and net/ipv6/udp.c.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 7kernelNot affected
Red Hat Enterprise Linux 5kernelFixedRHSA-2014:028512.03.2014
Red Hat Enterprise Linux 6kernelFixedRHSA-2014:015911.02.2014
Red Hat Enterprise MRG 2kernel-rtFixedRHSA-2014:043928.04.2014

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
https://bugzilla.redhat.com/show_bug.cgi?id=1035875Kernel: net: leakage of uninitialized memory to user-space via recv syscalls

2.1 Low

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2013-7263

ubuntu
больше 11 лет назад

The Linux kernel before 3.12.4 updates certain length values before ensuring that associated data structures have been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call, related to net/ipv4/ping.c, net/ipv4/raw.c, net/ipv4/udp.c, net/ipv6/raw.c, and net/ipv6/udp.c.

nvd логотип

CVE-2013-7263

nvd
больше 11 лет назад

The Linux kernel before 3.12.4 updates certain length values before ensuring that associated data structures have been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call, related to net/ipv4/ping.c, net/ipv4/raw.c, net/ipv4/udp.c, net/ipv6/raw.c, and net/ipv6/udp.c.

debian логотип

CVE-2013-7263

debian
больше 11 лет назад

The Linux kernel before 3.12.4 updates certain length values before en ...

github логотип

GHSA-fp24-vc7q-88fj

github
больше 3 лет назад

The Linux kernel before 3.12.4 updates certain length values before ensuring that associated data structures have been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call, related to net/ipv4/ping.c, net/ipv4/raw.c, net/ipv4/udp.c, net/ipv6/raw.c, and net/ipv6/udp.c.

oracle-oval логотип

ELSA-2014-3011

oracle-oval
больше 11 лет назад

ELSA-2014-3011: Unbreakable Enterprise kernel security update (IMPORTANT)

2.1 Low

CVSS2