CVE-2013-7263

MEDIUM

Description

The Linux kernel before 3.12.4 updates certain length values before ensuring that associated data structures have been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call, related to net/ipv4/ping.c, net/ipv4/raw.c, net/ipv4/udp.c, net/ipv6/raw.c, and net/ipv6/udp.c.

References

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=bceaa90240b6019ed73b49965eac7d167610be69

http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00026.html

http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html

http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html

http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00000.html

http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html

http://rhn.redhat.com/errata/RHSA-2014-0159.html

http://rhn.redhat.com/errata/RHSA-2014-0285.html

http://seclists.org/oss-sec/2014/q1/29

http://secunia.com/advisories/55882

http://secunia.com/advisories/56036

http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.4

http://www.openwall.com/lists/oss-security/2013/11/28/13

http://www.ubuntu.com/usn/USN-2107-1

http://www.ubuntu.com/usn/USN-2108-1

http://www.ubuntu.com/usn/USN-2109-1

http://www.ubuntu.com/usn/USN-2110-1

http://www.ubuntu.com/usn/USN-2113-1

http://www.ubuntu.com/usn/USN-2117-1

http://www.ubuntu.com/usn/USN-2135-1

http://www.ubuntu.com/usn/USN-2136-1

http://www.ubuntu.com/usn/USN-2138-1

http://www.ubuntu.com/usn/USN-2139-1

http://www.ubuntu.com/usn/USN-2141-1

https://bugzilla.redhat.com/show_bug.cgi?id=1035875

https://github.com/torvalds/linux/commit/bceaa90240b6019ed73b49965eac7d167610be69

Details

Source: MITRE

Published: 2014-01-06

Updated: 2017-12-16

Type: CWE-20

Risk Information

CVSS v2.0

Base Score: 4.9

Vector: AV:L/AC:L/Au:N/C:C/I:N/A:N

Impact Score: 6.9

Exploitability Score: 3.9

Severity: MEDIUM