6.8 Medium
AI Score
Confidence
High
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.003 Low
EPSS
Percentile
68.3%
An information leak was discovered in the Linux kernel when reading
broadcast messages from the notify_policy interface of the IPSec
key_socket. A local user could exploit this flaw to examine potentially
sensitive information in kernel memory. (CVE-2013-2237)
Kees Cook discovered flaw in the Human Interface Device (HID) subsystem of
the Linux kernel. A physically proximate attacker could exploit this flaw
to execute arbitrary code or cause a denial of service (heap memory
corruption) via a specially crafted device that provides an invalid Report
ID. (CVE-2013-2888)
Kees Cook discovered a flaw in the Human Interface Device (HID) subsystem
of the Linux kerenl when CONFIG_HID_PANTHERLORD is enabled. A physically
proximate attacker could cause a denial of service (heap out-of-bounds
write) via a specially crafted device. (CVE-2013-2892)
Kees Cook discovered a vulnerability in the Linux Kernel’s Human Interface
Device (HID) subsystem’s support for N-Trig touch screens. A physically
proximate attacker could exploit this flaw to cause a denial of service
(OOPS) via a specially crafted device. (CVE-2013-2896)
Kees Cook discovered an information leak in the Linux kernel’s Human
Interface Device (HID) subsystem when CONFIG_HID_SENSOR_HUB is enabled. A
physically proximate attacker could obtain potentially sensitive
information from kernel memory via a specially crafted device.
(CVE-2013-2898)
Kees Cook discovered a flaw in the Human Interface Device (HID) subsystem
of the Linux kernel whe CONFIG_HID_PICOLCD is enabled. A physically
proximate attacker could exploit this flaw to cause a denial of service
(OOPS) via a specially crafted device. (CVE-2013-2899)
A flaw was discovered in how the Linux Kernel’s networking stack checks scm
credentials when used with namespaces. A local attacker could exploit this
flaw to gain privileges. (CVE-2013-4300)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 13.04 | noarch | linux-image-3.8.0-32-generic | < 3.8.0-32.47 | UNKNOWN |
Ubuntu | 13.04 | noarch | block-modules-3.8.0-32-generic-di | < 3.8.0-32.47 | UNKNOWN |
Ubuntu | 13.04 | noarch | crypto-modules-3.8.0-32-generic-di | < 3.8.0-32.47 | UNKNOWN |
Ubuntu | 13.04 | noarch | fat-modules-3.8.0-32-generic-di | < 3.8.0-32.47 | UNKNOWN |
Ubuntu | 13.04 | noarch | fb-modules-3.8.0-32-generic-di | < 3.8.0-32.47 | UNKNOWN |
Ubuntu | 13.04 | noarch | firewire-core-modules-3.8.0-32-generic-di | < 3.8.0-32.47 | UNKNOWN |
Ubuntu | 13.04 | noarch | floppy-modules-3.8.0-32-generic-di | < 3.8.0-32.47 | UNKNOWN |
Ubuntu | 13.04 | noarch | fs-core-modules-3.8.0-32-generic-di | < 3.8.0-32.47 | UNKNOWN |
Ubuntu | 13.04 | noarch | fs-secondary-modules-3.8.0-32-generic-di | < 3.8.0-32.47 | UNKNOWN |
Ubuntu | 13.04 | noarch | input-modules-3.8.0-32-generic-di | < 3.8.0-32.47 | UNKNOWN |