CVE-2013-0914

2013-03-2200:00:00

ubuntu.com

3.6 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:P/A:N

0.0004 Low

EPSS

Percentile

9.4%

JSON

The flush_signal_handlers function in kernel/signal.c in the Linux kernel
before 3.8.4 preserves the value of the sa_restorer field across an exec
operation, which makes it easier for local users to bypass the ASLR
protection mechanism via a crafted application containing a sigaction
system call.

Bugs

<https://launchpad.net/bugs/1153813>

OSVersionArchitecturePackageVersionFilename
ubuntu10.04noarchlinux< 2.6.32-46.107UNKNOWN
ubuntu11.10noarchlinux< 3.0.0-32.51UNKNOWN
ubuntu12.04noarchlinux< 3.2.0-40.64UNKNOWN
ubuntu12.10noarchlinux< 3.5.0-27.46UNKNOWN
ubuntu12.04noarchlinux-armadaxp< 3.2.0-1616.25UNKNOWN
ubuntu12.10noarchlinux-armadaxp< 3.5.0-1611.17UNKNOWN
ubuntu10.04noarchlinux-ec2< 2.6.32-351.63UNKNOWN
ubuntu10.04noarchlinux-lts-backport-oneiric< 3.0.0-32.51~lucid1UNKNOWN
ubuntu12.04noarchlinux-lts-quantal< 3.5.0-27.46~precise1UNKNOWN
ubuntu12.04noarchlinux-ti-omap4< 3.2.0-1429.38UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	10.04	noarch	linux	< 2.6.32-46.107	UNKNOWN
ubuntu	11.10	noarch	linux	< 3.0.0-32.51	UNKNOWN
ubuntu	12.04	noarch	linux	< 3.2.0-40.64	UNKNOWN
ubuntu	12.10	noarch	linux	< 3.5.0-27.46	UNKNOWN
ubuntu	12.04	noarch	linux-armadaxp	< 3.2.0-1616.25	UNKNOWN
ubuntu	12.10	noarch	linux-armadaxp	< 3.5.0-1611.17	UNKNOWN
ubuntu	10.04	noarch	linux-ec2	< 2.6.32-351.63	UNKNOWN
ubuntu	10.04	noarch	linux-lts-backport-oneiric	< 3.0.0-32.51~lucid1	UNKNOWN
ubuntu	12.04	noarch	linux-lts-quantal	< 3.5.0-27.46~precise1	UNKNOWN
ubuntu	12.04	noarch	linux-ti-omap4	< 3.2.0-1429.38	UNKNOWN