6.1 Medium
AI Score
Confidence
High
6.2 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:H/Au:N/C:C/I:C/A:C
0.002 Low
EPSS
Percentile
64.2%
Andrew Jones discovered a flaw with the xen_iret function in Linux kernel’s
Xen virtualizeation. In the 32-bit Xen paravirt platform an unprivileged
guest OS user could exploit this flaw to cause a denial of service (crash
the system) or gain guest OS privilege. (CVE-2013-0228)
Emese Revfy discovered that in the Linux kernel signal handlers could leak
address information across an exec, making it possible to by pass ASLR
(Address Space Layout Randomization). A local user could use this flaw to
by pass ASLR to reliably deliver an exploit payload that would otherwise be
stopped (by ASLR). (CVE-2013-0914)
A memory use after free error was discover in the Linux kernel’s tmpfs
filesystem. A local user could exploit this flaw to gain privileges or
cause a denial of service (system crash). (CVE-2013-1767)
Mateusz Guzik discovered a race in the Linux kernel’s keyring. A local user
could exploit this flaw to cause a denial of service (system crash).
(CVE-2013-1792)
Mathias Krause discovered a memory leak in the Linux kernel’s crypto report
API. A local user with CAP_NET_ADMIN could exploit this leak to examine
some of the kernel’s stack memory. (CVE-2013-2546)
Mathias Krause discovered a memory leak in the Linux kernel’s crypto report
API. A local user with CAP_NET_ADMIN could exploit this leak to examine
some of the kernel’s heap memory. (CVE-2013-2547)
Mathias Krause discovered information leaks in the Linux kernel’s crypto
algorithm report API. A local user could exploit these flaws to leak kernel
stack and heap memory contents. (CVE-2013-2548)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 12.04 | noarch | linux-image-3.5.0-27-generic | < 3.5.0-27.46~precise1 | UNKNOWN |
Ubuntu | 12.04 | noarch | block-modules-3.5.0-27-generic-di | < 3.5.0-27.46~precise1 | UNKNOWN |
Ubuntu | 12.04 | noarch | crypto-modules-3.5.0-27-generic-di | < 3.5.0-27.46~precise1 | UNKNOWN |
Ubuntu | 12.04 | noarch | fat-modules-3.5.0-27-generic-di | < 3.5.0-27.46~precise1 | UNKNOWN |
Ubuntu | 12.04 | noarch | fb-modules-3.5.0-27-generic-di | < 3.5.0-27.46~precise1 | UNKNOWN |
Ubuntu | 12.04 | noarch | firewire-core-modules-3.5.0-27-generic-di | < 3.5.0-27.46~precise1 | UNKNOWN |
Ubuntu | 12.04 | noarch | floppy-modules-3.5.0-27-generic-di | < 3.5.0-27.46~precise1 | UNKNOWN |
Ubuntu | 12.04 | noarch | fs-core-modules-3.5.0-27-generic-di | < 3.5.0-27.46~precise1 | UNKNOWN |
Ubuntu | 12.04 | noarch | fs-secondary-modules-3.5.0-27-generic-di | < 3.5.0-27.46~precise1 | UNKNOWN |
Ubuntu | 12.04 | noarch | input-modules-3.5.0-27-generic-di | < 3.5.0-27.46~precise1 | UNKNOWN |