Lucene search

K

MitreCVELIST:CVE-2013-2548

HistoryMar 14, 2013 - 8:00 p.m.

CVE-2013-2548

2013-03-1420:00:00

mitre

www.cve.org

1

5.2 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

The crypto_report_one function in crypto/crypto_user.c in the report API in the crypto user configuration API in the Linux kernel through 3.8.2 uses an incorrect length value during a copy operation, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability.

References

git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=9a5467bf7b6e9e02ec9c3da4e23747c05faeaac6

lists.opensuse.org/opensuse-updates/2013-12/msg00129.html

www.mandriva.com/security/advisories?name=MDVSA-2013:176

www.openwall.com/lists/oss-security/2013/03/05/13

www.ubuntu.com/usn/USN-1793-1

www.ubuntu.com/usn/USN-1794-1

www.ubuntu.com/usn/USN-1795-1

www.ubuntu.com/usn/USN-1796-1

www.ubuntu.com/usn/USN-1797-1

github.com/torvalds/linux/commit/9a5467bf7b6e9e02ec9c3da4e23747c05faeaac6

5.2 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

Related for CVELIST:CVE-2013-2548

cve2 ubuntucve1 nvd2 prion2 debiancve1 nessus7 openvas10 securityvulns2 ubuntu5 redhat1