CVE-2013-2547

Опубликовано: 15 мар. 2013

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 2.1

Описание

The crypto_report_one function in crypto/crypto_user.c in the report API in the crypto user configuration API in the Linux kernel through 3.8.2 does not initialize certain structure members, which allows local users to obtain sensitive information from kernel heap memory by leveraging the CAP_NET_ADMIN capability.

Релиз	Статус	Примечание
devel	not-affected	4.10.0-19.21
esm-infra-legacy/trusty	not-affected	3.11.0-12.19
esm-infra/xenial	not-affected	4.2.0-16.19
hardy	not-affected
lucid	not-affected	affected code not present
oneiric	not-affected
precise	released	3.2.0-40.64
precise/esm	released	3.2.0-40.64
quantal	released	3.5.0-27.46
saucy	not-affected	3.9.0-0.2

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
hardy	DNE
lucid	DNE
oneiric	DNE
precise	released	3.2.0-1616.25
precise/esm	DNE	precise was released [3.2.0-1616.25]
quantal	released	3.5.0-1611.17
saucy	DNE
trusty	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	not-affected	4.4.0-1002.2
esm-infra/xenial	not-affected	4.4.0-1001.10
precise	DNE
precise/esm	DNE
trusty	not-affected	4.4.0-1002.2
trusty/esm	not-affected	4.4.0-1002.2
upstream	released	3.9~rc1
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
hardy	DNE
lucid	not-affected	affected code not present
oneiric	DNE
precise	DNE
precise/esm	DNE
quantal	DNE
saucy	DNE
trusty	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-apps/xenial	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was ignored [end of life, was needed]
lucid	DNE
precise	DNE
precise/esm	DNE
quantal	DNE
saucy	DNE
trusty	ignored	end of standard support, was needed
trusty/esm	ignored	end of life, was needed

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
hardy	DNE
lucid	ignored	end of life
oneiric	DNE
precise	DNE
precise/esm	DNE
quantal	DNE
saucy	DNE
trusty	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
precise	DNE
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	3.9~rc1
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
xenial	not-affected	4.4.0-1003.3

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-apps/xenial	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was ignored [end of life, was needed]
lucid	DNE
precise	DNE
precise/esm	DNE
quantal	DNE
saucy	ignored
trusty	ignored	end of standard support, was needed
trusty/esm	ignored	end of life, was needed

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored [abandoned]]
lucid	DNE
precise	DNE
precise/esm	DNE
quantal	DNE
saucy	ignored
trusty	ignored	end of standard support
trusty/esm	DNE	trusty was ignored [abandoned]
upstream	released	3.9~rc1

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
esm-infra/xenial	not-affected	4.8.0-36.36~16.04.1
precise	DNE
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	3.9~rc1
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
esm-infra/xenial	not-affected	4.8.0-36.36~16.04.1
precise	DNE
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	3.9~rc1
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
hardy	DNE
lucid	DNE
oneiric	ignored	end of life
precise	ignored	end of life
precise/esm	DNE	precise was ignored [abandoned]
quantal	ignored	end of life
saucy	DNE
trusty	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
hardy	DNE
lucid	DNE
oneiric	ignored	end of life
precise	ignored	end of life
precise/esm	DNE	precise was ignored [abandoned]
quantal	ignored	end of life
saucy	DNE
trusty	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
hardy	DNE
lucid	DNE
oneiric	ignored	end of life
precise	ignored	end of life
precise/esm	DNE	precise was ignored [abandoned]
quantal	ignored	end of life
saucy	DNE
trusty	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
hardy	DNE
lucid	ignored	end of life
oneiric	DNE
precise	DNE
precise/esm	DNE
quantal	DNE
saucy	DNE
trusty	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
hardy	DNE
lucid	not-affected
oneiric	DNE
precise	DNE
precise/esm	DNE
quantal	DNE
saucy	DNE
trusty	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
hardy	DNE
lucid	DNE
oneiric	DNE
precise	released	3.5.0-27.46~precise1
precise/esm	DNE	precise was released [3.5.0-27.46~precise1]
quantal	DNE
saucy	DNE
trusty	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
lucid	DNE
precise	not-affected	3.13.0-24.46~precise1
precise/esm	not-affected	3.13.0-24.46~precise1
saucy	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	3.9~rc1
utopic	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was not-affected [3.16.0-25.33~14.04.2]]
lucid	DNE
precise	DNE
precise/esm	DNE
trusty	not-affected	3.16.0-25.33~14.04.2
trusty/esm	DNE	trusty was not-affected [3.16.0-25.33~14.04.2]
upstream	released	3.9~rc1
utopic	DNE
vivid	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was not-affected [3.19.0-18.18~14.04.1]]
lucid	DNE
precise	DNE
precise/esm	DNE
trusty	not-affected	3.19.0-18.18~14.04.1
trusty/esm	DNE	trusty was not-affected [3.19.0-18.18~14.04.1]
upstream	released	3.9~rc1
utopic	DNE
vivid	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was not-affected [4.2.0-18.22~14.04.1]]
precise	DNE
precise/esm	DNE
trusty	not-affected	4.2.0-18.22~14.04.1
trusty/esm	DNE	trusty was not-affected [4.2.0-18.22~14.04.1]
upstream	released	3.9~rc1
vivid	DNE
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	not-affected	4.4.0-13.29~14.04.1
precise	DNE
precise/esm	DNE
trusty	not-affected	4.4.0-13.29~14.04.1
trusty/esm	not-affected	4.4.0-13.29~14.04.1
upstream	released	3.9~rc1
vivid	DNE
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored [abandoned]]
lucid	DNE
precise	DNE
precise/esm	DNE
quantal	DNE
saucy	ignored
trusty	ignored	end of standard support
trusty/esm	DNE	trusty was ignored [abandoned]
upstream	released	3.9~rc1

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-apps/xenial	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was ignored [end of life, was needed]
lucid	DNE
precise	DNE
precise/esm	DNE
quantal	DNE
saucy	ignored
trusty	ignored	end of standard support, was needed
trusty/esm	ignored	end of life, was needed

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was not-affected [3.4.0-5.22]]
lucid	DNE
precise	DNE
precise/esm	DNE
quantal	DNE
saucy	ignored
trusty	not-affected	3.4.0-5.22
trusty/esm	DNE	trusty was not-affected [3.4.0-5.22]
upstream	released	3.9~rc1

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
hardy	DNE
lucid	ignored	end of life
oneiric	DNE
precise	DNE
precise/esm	DNE
quantal	DNE
saucy	DNE
trusty	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
hardy	DNE
lucid	ignored	end of life
oneiric	ignored	end of life
precise	ignored	end of life
precise/esm	DNE	precise was ignored [abandoned]
quantal	ignored	end of life
saucy	DNE
trusty	DNE

Показывать по

Релиз	Статус	Примечание
devel	not-affected	4.10.0-1004.6
esm-infra-legacy/trusty	DNE
precise	DNE
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	3.9~rc1
vivid	DNE
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	released	4.2.0-1014.21

Показывать по

Релиз	Статус	Примечание
devel	not-affected	4.4.0-1050.54
esm-infra-legacy/trusty	DNE
precise	DNE
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	3.9~rc1
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
wily	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
hardy	DNE
lucid	DNE
oneiric	not-affected
precise	released	3.2.0-1429.38
precise/esm	DNE	precise was released [3.2.0-1429.38]
quantal	released	3.5.0-222.33
saucy	not-affected	3.5.0-223.34
trusty	DNE

Показывать по

Ссылки на источники

EPSS

Процентиль: 22%

0.00074

Низкий

2.1 Low

CVSS2

Связанные уязвимости

CVE-2013-2547

redhat

около 13 лет назад

CVE-2013-2547

nvd

почти 13 лет назад

CVE-2013-2547

debian

почти 13 лет назад

The crypto_report_one function in crypto/crypto_user.c in the report A ...

GHSA-9558-m4h2-x96x

github

больше 3 лет назад

EPSS

Процентиль: 22%

0.00074

Низкий

2.1 Low

CVSS2

CVE-2013-2547

Описание

Пакет linux

Пакет linux-armadaxp

Пакет linux-aws

Пакет linux-ec2

Пакет linux-flo

Пакет linux-fsl-imx51

Пакет linux-gke

Пакет linux-goldfish

Пакет linux-grouper

Пакет linux-hwe

Пакет linux-hwe-edge

Пакет linux-linaro-omap

Пакет linux-linaro-shared

Пакет linux-linaro-vexpress

Пакет linux-lts-backport-maverick

Пакет linux-lts-backport-oneiric

Пакет linux-lts-quantal

Пакет linux-lts-trusty

Пакет linux-lts-utopic

Пакет linux-lts-vivid

Пакет linux-lts-wily

Пакет linux-lts-xenial

Пакет linux-maguro

Пакет linux-mako

Пакет linux-manta

Пакет linux-mvl-dove

Пакет linux-qcm-msm

Пакет linux-raspi2

Пакет linux-snapdragon

Пакет linux-ti-omap4

Ссылки на источники

Связанные уязвимости