Lucene search

Veracode Vulnerability DatabaseVERACODE:14711

HistoryMay 02, 2019 - 4:54 a.m.

Arbitrary Code Execution

2019-05-0204:54:56

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

JSON

kernel-rt is vulnerable to arbitrary code execution. The vulnerability exists as it uses an incorrect integer data type.

CPENameOperatorVersion
kernel-rteq3.0.18__rt34.53.el6rt
kernel-rteq3.0.36__rt57.66.el6rt
kernel-rteq3.2.23__rt37.56.el6rt
kernel-rteq3.0.30__rt50.62.el6rt
kernel-rteq2.6.33.9__rt31.79.el6rt
kernel-rteq3.2.33__rt50.66.el6rt
kernel-rteq3.0.9__rt26.46.el6rt
kernel-rteq2.6.33.9__rt31.66.el6rt
kernel-rteq2.6.33.9__rt31.74.el6rt
kernel-rteq3.0.9__rt26.45.el6rt

Name	Operator	Version
kernel-rt	eq	3.0.18__rt34.53.el6rt
kernel-rt	eq	3.0.36__rt57.66.el6rt
kernel-rt	eq	3.2.23__rt37.56.el6rt
kernel-rt	eq	3.0.30__rt50.62.el6rt
kernel-rt	eq	2.6.33.9__rt31.79.el6rt
kernel-rt	eq	3.2.33__rt50.66.el6rt
kernel-rt	eq	3.0.9__rt26.46.el6rt
kernel-rt	eq	2.6.33.9__rt31.66.el6rt
kernel-rt	eq	2.6.33.9__rt31.74.el6rt
kernel-rt	eq	3.0.9__rt26.45.el6rt

Rows per page:

1-10 of 281

References

git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8176cced706b5e5d15887584150764894e94e02f

git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=8176cced706b5e5d15887584150764894e94e02f

lists.centos.org/pipermail/centos-announce/2013-May/019729.html

lists.centos.org/pipermail/centos-announce/2013-May/019733.html

lists.opensuse.org/opensuse-security-announce/2013-05/msg00008.html

lists.opensuse.org/opensuse-security-announce/2013-05/msg00018.html

lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html

lists.opensuse.org/opensuse-security-announce/2013-06/msg00009.html

lists.opensuse.org/opensuse-security-announce/2013-06/msg00017.html

lkml.indiana.edu/hypermail/linux/kernel/1304.1/03652.html

lkml.indiana.edu/hypermail/linux/kernel/1304.1/03976.html

lkml.indiana.edu/hypermail/linux/kernel/1304.1/04302.html

news.ycombinator.com/item?id=5703758

packetstormsecurity.com/files/121616/semtex.c

rhn.redhat.com/errata/RHSA-2013-0830.html

twitter.com/djrbliss/statuses/334301992648331267

www.exploit-db.com/exploits/33589

www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.9

www.mandriva.com/security/advisories?name=MDVSA-2013:176

www.openwall.com/lists/oss-security/2013/05/14/6

www.osvdb.org/93361

www.reddit.com/r/netsec/comments/1eb9iw

www.ubuntu.com/usn/USN-1825-1

www.ubuntu.com/usn/USN-1826-1

www.ubuntu.com/usn/USN-1827-1

www.ubuntu.com/usn/USN-1828-1

www.ubuntu.com/usn/USN-1836-1

www.ubuntu.com/usn/USN-1838-1

access.redhat.com/errata/RHSA-2013:0829

access.redhat.com/errata/RHSA-2013:0830

access.redhat.com/errata/RHSA-2013:0832

access.redhat.com/errata/RHSA-2013:0840

access.redhat.com/errata/RHSA-2013:0841

access.redhat.com/security/cve/CVE-2013-2094

access.redhat.com/security/updates/classification/#important

access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_MRG/2/html/Technical_Notes/RHSA-2013-0829.html

access.redhat.com/site/solutions/373743

bugzilla.redhat.com/show_bug.cgi?id=918098

bugzilla.redhat.com/show_bug.cgi?id=927026

bugzilla.redhat.com/show_bug.cgi?id=962792

github.com/torvalds/linux/commit/8176cced706b5e5d15887584150764894e94e02f

rhn.redhat.com/errata/RHBA-2012-0044.html

rhn.redhat.com/errata/RHSA-2013-0829.html

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

JSON

Arbitrary Code Execution

References

Related