Lucene search

K
ubuntucveUbuntu.comUB:CVE-2013-2547
HistoryMar 15, 2013 - 12:00 a.m.

CVE-2013-2547

2013-03-1500:00:00
ubuntu.com
ubuntu.com
10

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

5.3%

The crypto_report_one function in crypto/crypto_user.c in the report API in
the crypto user configuration API in the Linux kernel through 3.8.2 does
not initialize certain structure members, which allows local users to
obtain sensitive information from kernel heap memory by leveraging the
CAP_NET_ADMIN capability.

Bugs

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

5.3%

Related for UB:CVE-2013-2547