4.4 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P
0.002 Low
EPSS
Percentile
61.1%
Heap-based buffer overflow in the tg3_read_vpd function in
drivers/net/ethernet/broadcom/tg3.c in the Linux kernel before 3.8.6 allows
physically proximate attackers to cause a denial of service (system crash)
or possibly execute arbitrary code via crafted firmware that specifies a
long string in the Vital Product Data (VPD) data structure.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 12.04 | noarch | linux | < 3.2.0-44.69 | UNKNOWN |
ubuntu | 12.10 | noarch | linux | < 3.5.0-31.52 | UNKNOWN |
ubuntu | 12.04 | noarch | linux-armadaxp | < 3.2.0-1619.29 | UNKNOWN |
ubuntu | 12.10 | noarch | linux-armadaxp | < 3.5.0-1614.21 | UNKNOWN |
ubuntu | 12.04 | noarch | linux-lts-quantal | < 3.5.0-31.52~precise1 | UNKNOWN |
ubuntu | 12.04 | noarch | linux-ti-omap4 | < 3.2.0-1432.41 | UNKNOWN |
ubuntu | 12.10 | noarch | linux-ti-omap4 | < 3.5.0-225.36 | UNKNOWN |
ubuntu | 13.04 | noarch | linux-ti-omap4 | < 3.5.0-225.36 | UNKNOWN |
openwall.com/lists/oss-security/2013/04/05/2
launchpad.net/bugs/cve/CVE-2013-1929
nvd.nist.gov/vuln/detail/CVE-2013-1929
security-tracker.debian.org/tracker/CVE-2013-1929
ubuntu.com/security/notices/USN-1833-1
ubuntu.com/security/notices/USN-1834-1
ubuntu.com/security/notices/USN-1835-1
ubuntu.com/security/notices/USN-1836-1
ubuntu.com/security/notices/USN-1838-1
ubuntu.com/security/notices/USN-1839-1
www.cve.org/CVERecord?id=CVE-2013-1929