Lucene search

K

MitreCVELIST:CVE-2013-2546

HistoryMar 14, 2013 - 8:00 p.m.

CVE-2013-2546

2013-03-1420:00:00

mitre

www.cve.org

1

5.3 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

The report API in the crypto user configuration API in the Linux kernel through 3.8.2 uses an incorrect C library function for copying strings, which allows local users to obtain sensitive information from kernel stack memory by leveraging the CAP_NET_ADMIN capability.

References

git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=9a5467bf7b6e9e02ec9c3da4e23747c05faeaac6

lists.opensuse.org/opensuse-updates/2013-12/msg00129.html

www.mandriva.com/security/advisories?name=MDVSA-2013:176

www.openwall.com/lists/oss-security/2013/03/05/13

www.ubuntu.com/usn/USN-1793-1

www.ubuntu.com/usn/USN-1794-1

www.ubuntu.com/usn/USN-1795-1

www.ubuntu.com/usn/USN-1796-1

www.ubuntu.com/usn/USN-1797-1

github.com/torvalds/linux/commit/9a5467bf7b6e9e02ec9c3da4e23747c05faeaac6

5.3 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

Related for CVELIST:CVE-2013-2546

prion2 debiancve1 nvd2 cve2 ubuntucve1 nessus7 openvas10 securityvulns2 ubuntu5 redhat1