Ubuntu.comUB:CVE-2013-1773CVE-2013-1773
6.2 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:H/Au:N/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
30.2%
Buffer overflow in the VFAT filesystem implementation in the Linux kernel
before 3.3 allows local users to gain privileges or cause a denial of
service (system crash) via a VFAT write operation on a filesystem with the
utf8 mount option, which is not properly handled during UTF-8 to UTF-16
conversion.
Bugs
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 10.04 | noarch | linux | < 2.6.32-46.105 | UNKNOWN |
| ubuntu | 11.10 | noarch | linux | < 3.0.0-32.50 | UNKNOWN |
| ubuntu | 12.04 | noarch | linux | < 3.2.0-22.35 | UNKNOWN |
| ubuntu | 10.04 | noarch | linux-ec2 | < 2.6.32-351.62 | UNKNOWN |
| ubuntu | 10.04 | noarch | linux-lts-backport-oneiric | < 3.0.0-32.50~lucid1 | UNKNOWN |
| ubuntu | 11.10 | noarch | linux-ti-omap4 | < 3.0.0-1222.36 | UNKNOWN |
| ubuntu | 12.04 | noarch | linux-ti-omap4 | < 3.2.0-1412.15 | UNKNOWN |
References
www.exploit-db.com/exploits/23248/
www.openwall.com/lists/oss-security/2013/02/26/5
launchpad.net/bugs/cve/CVE-2013-1773
nvd.nist.gov/vuln/detail/CVE-2013-1773
security-tracker.debian.org/tracker/CVE-2013-1773
ubuntu.com/security/notices/USN-1756-1
ubuntu.com/security/notices/USN-1760-1
ubuntu.com/security/notices/USN-1775-1
ubuntu.com/security/notices/USN-1776-1
ubuntu.com/security/notices/USN-1778-1
www.cve.org/CVERecord?id=CVE-2013-1773
Related
6.2 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:H/Au:N/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
30.2%