Lucene search

Ubuntu.comUB:CVE-2013-4127

HistoryJul 29, 2013 - 12:00 a.m.

CVE-2013-4127

2013-07-2900:00:00

ubuntu.com

4.7 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:N/I:N/A:C

0.0004 Low

EPSS

Percentile

5.3%

JSON

Use-after-free vulnerability in the vhost_net_set_backend function in
drivers/vhost/net.c in the Linux kernel through 3.10.3 allows local users
to cause a denial of service (OOPS and system crash) via vectors involving
powering on a virtual machine.

Bugs

<https://launchpad.net/bugs/1202992>

OSVersionArchitecturePackageVersionFilename
ubuntu13.04noarchlinux< 3.8.0-29.42UNKNOWN
ubuntu12.04noarchlinux-lts-raring< 3.8.0-29.42~precise1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	13.04	noarch	linux	< 3.8.0-29.42	UNKNOWN
ubuntu	12.04	noarch	linux-lts-raring	< 3.8.0-29.42~precise1	UNKNOWN

References

bugzilla.redhat.com/show_bug.cgi?id=980643

bugzilla.redhat.com/show_bug.cgi?id=984722

launchpad.net/bugs/cve/CVE-2013-4127

nvd.nist.gov/vuln/detail/CVE-2013-4127

security-tracker.debian.org/tracker/CVE-2013-4127

ubuntu.com/security/notices/USN-1935-1

ubuntu.com/security/notices/USN-1936-1

www.cve.org/CVERecord?id=CVE-2013-4127

4.7 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:N/I:N/A:C

0.0004 Low

EPSS

Percentile

5.3%

JSON

Related for UB:CVE-2013-4127