exploit the possibilities
Showing 1 - 9 of 9 RSS Feed

CVE-2013-3228

Status Candidate

Overview

The irda_recvmsg_dgram function in net/irda/af_irda.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call.

Related Files

Ubuntu Security Notice USN-1882-1
Posted Jun 14, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1882-1 - Kees Cook discovered a flaw in the Linux kernel's iSCSI subsystem. A remote unauthenticated attacker could exploit this flaw to cause a denial of service (system crash) or potentially gain administrative privileges. An information leak was discovered in the Linux kernel when inotify is used to monitor the /dev/ptmx device. A local user could exploit this flaw to discover keystroke timing and potentially discover sensitive information like password length. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-2850, CVE-2013-0160, CVE-2013-2141, CVE-2013-2146, CVE-2013-3076, CVE-2013-3222, CVE-2013-3223, CVE-2013-3224, CVE-2013-3225, CVE-2013-3227, CVE-2013-3228, CVE-2013-3229, CVE-2013-3230, CVE-2013-3231, CVE-2013-3232, CVE-2013-3233, CVE-2013-3234, CVE-2013-3235, CVE-2013-0160, CVE-2013-2141, CVE-2013-2146, CVE-2013-2850, CVE-2013-3076, CVE-2013-3222, CVE-2013-3223, CVE-2013-3224, CVE-2013-3225, CVE-2013-3227
MD5 | 7c792dfc092a7b89310f088463bdcd3d
Ubuntu Security Notice USN-1881-1
Posted Jun 14, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1881-1 - An information leak was discovered in the Linux kernel when inotify is used to monitor the /dev/ptmx device. A local user could exploit this flaw to discover keystroke timing and potentially discover sensitive information like password length. An information leak was discovered in the Linux kernel's tkill and tgkill system calls when used from compat processes. A local user could exploit this flaw to examine potentially sensitive kernel memory. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-0160, CVE-2013-2141, CVE-2013-2146, CVE-2013-3076, CVE-2013-3222, CVE-2013-3223, CVE-2013-3224, CVE-2013-3225, CVE-2013-3227, CVE-2013-3228, CVE-2013-3229, CVE-2013-3230, CVE-2013-3231, CVE-2013-3232, CVE-2013-3233, CVE-2013-3234, CVE-2013-3235, CVE-2013-0160, CVE-2013-2141, CVE-2013-2146, CVE-2013-3076, CVE-2013-3222, CVE-2013-3223, CVE-2013-3224, CVE-2013-3225, CVE-2013-3227, CVE-2013-3228, CVE-2013-3229
MD5 | 5f744916b5072d10faf4526a075c5c9d
Ubuntu Security Notice USN-1880-1
Posted Jun 14, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1880-1 - An information leak was discovered in the Linux kernel when inotify is used to monitor the /dev/ptmx device. A local user could exploit this flaw to discover keystroke timing and potentially discover sensitive information like password length. An information leak was discovered in the Linux kernel's tkill and tgkill system calls when used from compat processes. A local user could exploit this flaw to examine potentially sensitive kernel memory. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-0160, CVE-2013-2141, CVE-2013-2146, CVE-2013-3076, CVE-2013-3222, CVE-2013-3223, CVE-2013-3224, CVE-2013-3225, CVE-2013-3227, CVE-2013-3228, CVE-2013-3229, CVE-2013-3230, CVE-2013-3231, CVE-2013-3232, CVE-2013-3233, CVE-2013-3234, CVE-2013-3235, CVE-2013-0160, CVE-2013-2141, CVE-2013-2146, CVE-2013-3076, CVE-2013-3222, CVE-2013-3223, CVE-2013-3224, CVE-2013-3225, CVE-2013-3227, CVE-2013-3228, CVE-2013-3229
MD5 | 09566fa6410aa4e527449a7655e109e9
Ubuntu Security Notice USN-1879-1
Posted Jun 14, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1879-1 - Kees Cook discovered a flaw in the Linux kernel's iSCSI subsystem. A remote unauthenticated attacker could exploit this flaw to cause a denial of service (system crash) or potentially gain administrative privileges. An information leak was discovered in the Linux kernel when inotify is used to monitor the /dev/ptmx device. A local user could exploit this flaw to discover keystroke timing and potentially discover sensitive information like password length. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-2850, CVE-2013-0160, CVE-2013-2146, CVE-2013-3076, CVE-2013-3222, CVE-2013-3223, CVE-2013-3224, CVE-2013-3225, CVE-2013-3227, CVE-2013-3228, CVE-2013-3229, CVE-2013-3231, CVE-2013-3232, CVE-2013-3234, CVE-2013-3235, CVE-2013-0160, CVE-2013-2146, CVE-2013-2850, CVE-2013-3076, CVE-2013-3222, CVE-2013-3223, CVE-2013-3224, CVE-2013-3225, CVE-2013-3227, CVE-2013-3228, CVE-2013-3229, CVE-2013-3231, CVE-2013-3232
MD5 | 86dad408cfa6cc81f637961d33657f23
Ubuntu Security Notice USN-1878-1
Posted Jun 14, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1878-1 - An information leak was discovered in the Linux kernel when inotify is used to monitor the /dev/ptmx device. A local user could exploit this flaw to discover keystroke timing and potentially discover sensitive information like password length. A flaw was discovered in the Linux kernel's perf events subsystem for Intel Sandy Bridge and Ivy Bridge processors. A local user could exploit this flaw to cause a denial of service (system crash). Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-0160, CVE-2013-2146, CVE-2013-3076, CVE-2013-3222, CVE-2013-3223, CVE-2013-3224, CVE-2013-3225, CVE-2013-3227, CVE-2013-3228, CVE-2013-3229, CVE-2013-3231, CVE-2013-3232, CVE-2013-3234, CVE-2013-3235, CVE-2013-0160, CVE-2013-2146, CVE-2013-3076, CVE-2013-3222, CVE-2013-3223, CVE-2013-3224, CVE-2013-3225, CVE-2013-3227, CVE-2013-3228, CVE-2013-3229, CVE-2013-3231, CVE-2013-3232, CVE-2013-3234, CVE-2013-3235
MD5 | 4a4c00bd59409c419099d0544ef4fd68
Ubuntu Security Notice USN-1877-1
Posted Jun 14, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1877-1 - Andrew Honig reported a flaw in the way KVM (Kernel-based Virtual Machine) emulated the IOAPIC. A privileged guest user could exploit this flaw to read host memory or cause a denial of service (crash the host). An information leak was discovered in the Linux kernel's rcvmsg path for ATM (Asynchronous Transfer Mode). A local user could exploit this flaw to examine potentially sensitive information from the kernel's stack memory. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-1798, CVE-2013-3222, CVE-2013-3223, CVE-2013-3224, CVE-2013-3225, CVE-2013-3228, CVE-2013-3229, CVE-2013-3231, CVE-2013-3232, CVE-2013-3234, CVE-2013-3235, CVE-2013-1798, CVE-2013-3222, CVE-2013-3223, CVE-2013-3224, CVE-2013-3225, CVE-2013-3228, CVE-2013-3229, CVE-2013-3231, CVE-2013-3232, CVE-2013-3234, CVE-2013-3235
MD5 | 68cf4abfcdc0fa98e9ca98e738860a05
Ubuntu Security Notice USN-1876-1
Posted Jun 14, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1876-1 - Andrew Honig reported a flaw in the way KVM (Kernel-based Virtual Machine) emulated the IOAPIC. A privileged guest user could exploit this flaw to read host memory or cause a denial of service (crash the host). An information leak was discovered in the Linux kernel's rcvmsg path for ATM (Asynchronous Transfer Mode). A local user could exploit this flaw to examine potentially sensitive information from the kernel's stack memory. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-1798, CVE-2013-3222, CVE-2013-3223, CVE-2013-3224, CVE-2013-3225, CVE-2013-3228, CVE-2013-3229, CVE-2013-3231, CVE-2013-3232, CVE-2013-3234, CVE-2013-3235, CVE-2013-1798, CVE-2013-3222, CVE-2013-3223, CVE-2013-3224, CVE-2013-3225, CVE-2013-3228, CVE-2013-3229, CVE-2013-3231, CVE-2013-3232, CVE-2013-3234, CVE-2013-3235
MD5 | 4c1ab07fe395b6920ceea09ecf7e0984
Ubuntu Security Notice USN-1837-1
Posted May 24, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1837-1 - An information leak was discovered in the Linux kernel's crypto API. A local user could exploit this flaw to examine potentially sensitive information from the kernel's stack memory. An information leak was discovered in the Linux kernel's rcvmsg path for ATM (Asynchronous Transfer Mode). A local user could exploit this flaw to examine potentially sensitive information from the kernel's stack memory. Various other issues were also addressed.

tags | advisory, kernel, local, crypto
systems | linux, ubuntu
advisories | CVE-2013-3076, CVE-2013-3222, CVE-2013-3223, CVE-2013-3224, CVE-2013-3225, CVE-2013-3226, CVE-2013-3227, CVE-2013-3228, CVE-2013-3229, CVE-2013-3230, CVE-2013-3231, CVE-2013-3233, CVE-2013-3234, CVE-2013-3235, CVE-2013-3076, CVE-2013-3222, CVE-2013-3223, CVE-2013-3224, CVE-2013-3225, CVE-2013-3226, CVE-2013-3227, CVE-2013-3228, CVE-2013-3229, CVE-2013-3230, CVE-2013-3231, CVE-2013-3233, CVE-2013-3234, CVE-2013-3235
MD5 | 4e1c985d29b403f799288923bc9137e9
Debian Security Advisory 2669-1
Posted May 16, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2669-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leak or privilege escalation.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2013-0160, CVE-2013-1796, CVE-2013-1929, CVE-2013-1979, CVE-2013-2015, CVE-2013-2094, CVE-2013-3076, CVE-2013-3222, CVE-2013-3223, CVE-2013-3224, CVE-2013-3225, CVE-2013-3227, CVE-2013-3228, CVE-2013-3229, CVE-2013-3231, CVE-2013-3234, CVE-2013-3235, CVE-2013-3301
MD5 | e762497d8e6cf9758f4005bbd356f707
Page 1 of 1
Back1Next

File Archive:

December 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    18 Files
  • 2
    Dec 2nd
    11 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close