CVE-2013-4345

Опубликовано: 10 окт. 2013

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 5.8

Описание

Off-by-one error in the get_prng_bytes function in crypto/ansi_cprng.c in the Linux kernel through 3.11.4 makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms via multiple requests for small amounts of data, leading to improper management of the state of the consumed data.

Релиз	Статус	Примечание
devel	not-affected	4.10.0-19.21
esm-infra-legacy/trusty	not-affected	3.12.0-5.13
esm-infra/xenial	not-affected	4.2.0-16.19
lucid	released	2.6.32-55.117
precise	released	3.2.0-59.90
precise/esm	not-affected	3.2.0-59.90
quantal	released	3.5.0-45.68
raring	ignored	end of life
saucy	released	3.11.0-15.23
trusty	not-affected	3.12.0-5.13

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
lucid	DNE
precise	released	3.2.0-1630.42
precise/esm	DNE	precise was released [3.2.0-1630.42]
quantal	released	3.5.0-1626.35
raring	DNE
saucy	DNE
trusty	DNE
trusty/esm	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	not-affected	4.4.0-1002.2
esm-infra/xenial	not-affected	4.4.0-1001.10
precise	DNE
precise/esm	DNE
trusty	not-affected	4.4.0-1002.2
trusty/esm	not-affected	4.4.0-1002.2
upstream	released	3.13~rc2
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
lucid	released	2.6.32-360.73
precise	DNE
precise/esm	DNE
quantal	DNE
raring	DNE
saucy	DNE
trusty	DNE
trusty/esm	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-apps/xenial	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was ignored [end of life, was needed]
lucid	DNE
precise	DNE
precise/esm	DNE
quantal	DNE
saucy	DNE
trusty	ignored	end of standard support, was needed
trusty/esm	ignored	end of life, was needed

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
lucid	ignored	end of life
precise	DNE
precise/esm	DNE
quantal	DNE
raring	DNE
saucy	DNE
trusty	DNE
trusty/esm	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
precise	DNE
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	3.13~rc2
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
xenial	not-affected	4.4.0-1003.3

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-apps/xenial	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was ignored [end of life, was needed]
lucid	DNE
precise	DNE
precise/esm	DNE
quantal	DNE
saucy	ignored
trusty	ignored	end of standard support, was needed
trusty/esm	ignored	end of life, was needed

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored [abandoned]]
lucid	DNE
precise	DNE
precise/esm	DNE
quantal	DNE
saucy	ignored
trusty	ignored	end of standard support
trusty/esm	DNE	trusty was ignored [abandoned]
upstream	released	3.13~rc2

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
esm-infra/xenial	not-affected	4.8.0-36.36~16.04.1
precise	DNE
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	3.13~rc2
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
esm-infra/xenial	not-affected	4.8.0-36.36~16.04.1
precise	DNE
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	3.13~rc2
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
lucid	DNE
precise	ignored	end of life
precise/esm	DNE	precise was ignored [abandoned]
quantal	ignored	end of life
raring	DNE
saucy	DNE
trusty	DNE
trusty/esm	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
lucid	DNE
precise	ignored	end of life
precise/esm	DNE	precise was ignored [abandoned]
quantal	ignored	end of life
raring	DNE
saucy	DNE
trusty	DNE
trusty/esm	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
lucid	DNE
precise	ignored	end of life
precise/esm	DNE	precise was ignored [abandoned]
quantal	ignored	end of life
raring	DNE
saucy	DNE
trusty	DNE
trusty/esm	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
lucid	DNE
precise	released	3.5.0-45.68~precise1
precise/esm	DNE	precise was released [3.5.0-45.68~precise1]
quantal	DNE
raring	DNE
saucy	DNE
trusty	DNE
trusty/esm	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
lucid	DNE
precise	released	3.8.0-38.56~precise1
precise/esm	DNE	precise was released [3.8.0-38.56~precise1]
quantal	DNE
raring	DNE
saucy	DNE
trusty	DNE
trusty/esm	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
lucid	DNE
precise	released	3.11.0-15.23~precise1
precise/esm	DNE	precise was released [3.11.0-15.23~precise1]
quantal	DNE
raring	DNE
saucy	DNE
trusty	DNE
trusty/esm	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
lucid	DNE
precise	not-affected	3.13.0-24.46~precise1
precise/esm	not-affected	3.13.0-24.46~precise1
saucy	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	3.13~rc2
utopic	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was not-affected [3.16.0-25.33~14.04.2]]
lucid	DNE
precise	DNE
precise/esm	DNE
trusty	not-affected	3.16.0-25.33~14.04.2
trusty/esm	DNE	trusty was not-affected [3.16.0-25.33~14.04.2]
upstream	released	3.13~rc2
utopic	DNE
vivid	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was not-affected [3.19.0-18.18~14.04.1]]
lucid	DNE
precise	DNE
precise/esm	DNE
trusty	not-affected	3.19.0-18.18~14.04.1
trusty/esm	DNE	trusty was not-affected [3.19.0-18.18~14.04.1]
upstream	released	3.13~rc2
utopic	DNE
vivid	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was not-affected [4.2.0-18.22~14.04.1]]
precise	DNE
precise/esm	DNE
trusty	not-affected	4.2.0-18.22~14.04.1
trusty/esm	DNE	trusty was not-affected [4.2.0-18.22~14.04.1]
upstream	released	3.13~rc2
vivid	DNE
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	not-affected	4.4.0-13.29~14.04.1
precise	DNE
precise/esm	DNE
trusty	not-affected	4.4.0-13.29~14.04.1
trusty/esm	not-affected	4.4.0-13.29~14.04.1
upstream	released	3.13~rc2
vivid	DNE
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored [abandoned]]
lucid	DNE
precise	DNE
precise/esm	DNE
quantal	DNE
saucy	ignored
trusty	ignored	end of standard support
trusty/esm	DNE	trusty was ignored [abandoned]
upstream	released	3.13~rc2

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-apps/xenial	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was ignored [end of life, was needed]
lucid	DNE
precise	DNE
precise/esm	DNE
quantal	DNE
saucy	ignored
trusty	ignored	end of standard support, was needed
trusty/esm	ignored	end of life, was needed

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was ignored [end of life, was needed]
lucid	DNE
precise	DNE
precise/esm	DNE
quantal	DNE
saucy	ignored
trusty	ignored	end of standard support, was needed
trusty/esm	ignored	end of life, was needed
upstream	released	3.13~rc2

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
lucid	ignored	end of life
precise	DNE
precise/esm	DNE
quantal	DNE
raring	DNE
saucy	DNE
trusty	DNE
trusty/esm	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
lucid	ignored	end of life
precise	ignored	end of life
precise/esm	DNE	precise was ignored [abandoned]
quantal	ignored	end of life
raring	DNE
saucy	DNE
trusty	DNE
trusty/esm	DNE

Показывать по

Релиз	Статус	Примечание
devel	not-affected	4.10.0-1004.6
esm-infra-legacy/trusty	DNE
precise	DNE
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	3.13~rc2
vivid	DNE
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	released	4.2.0-1014.21

Показывать по

Релиз	Статус	Примечание
devel	not-affected	4.4.0-1050.54
esm-infra-legacy/trusty	DNE
precise	DNE
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	3.13~rc2
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
wily	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
lucid	DNE
precise	released	3.2.0-1443.62
precise/esm	DNE	precise was released [3.2.0-1443.62]
quantal	released	3.5.0-237.53
raring	released	3.5.0-237.53
saucy	released	3.5.0-237.53
trusty	DNE
trusty/esm	DNE

Показывать по

Ссылки на источники

EPSS

Процентиль: 76%

0.01022

Низкий

5.8 Medium

CVSS2

Связанные уязвимости

CVE-2013-4345

redhat

почти 12 лет назад

CVE-2013-4345

nvd

больше 11 лет назад

CVE-2013-4345

debian

больше 11 лет назад

Off-by-one error in the get_prng_bytes function in crypto/ansi_cprng.c ...

GHSA-3pw5-42hr-wxmc

github

около 3 лет назад

BDU:2014-00092

fstec

больше 11 лет назад

Уязвимость операционной системы Linux, позволяющая злоумышленнику вызвать отказ в обслуживании

EPSS

Процентиль: 76%

0.01022

Низкий

5.8 Medium

CVSS2

CVE-2013-4345

Описание

Пакет linux

Пакет linux-armadaxp

Пакет linux-aws

Пакет linux-ec2

Пакет linux-flo

Пакет linux-fsl-imx51

Пакет linux-gke

Пакет linux-goldfish

Пакет linux-grouper

Пакет linux-hwe

Пакет linux-hwe-edge

Пакет linux-linaro-omap

Пакет linux-linaro-shared

Пакет linux-linaro-vexpress

Пакет linux-lts-quantal

Пакет linux-lts-raring

Пакет linux-lts-saucy

Пакет linux-lts-trusty

Пакет linux-lts-utopic

Пакет linux-lts-vivid

Пакет linux-lts-wily

Пакет linux-lts-xenial

Пакет linux-maguro

Пакет linux-mako

Пакет linux-manta

Пакет linux-mvl-dove

Пакет linux-qcm-msm

Пакет linux-raspi2

Пакет linux-snapdragon

Пакет linux-ti-omap4

Ссылки на источники

Связанные уязвимости