Bug 1035875 (CVE-2013-7263, CVE-2013-7264, CVE-2013-7265, CVE-2013-7281)
Summary: | CVE-2013-7263 CVE-2013-7265 Kernel: net: leakage of uninitialized memory to user-space via recv syscalls | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Prasad Pandit <ppandit> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | low | Docs Contact: | |
Priority: | low | ||
Version: | unspecified | CC: | agordeev, anton, aquini, bhu, davej, dhoward, esammons, fhrbata, fwestpha, gansalmon, iboverma, itamar, jforbes, jkacur, jkurik, jonathan, jross, jwboyer, kernel-maint, kernel-mgr, lgoncalv, lwang, madhu.chinakonda, mcressma, pholasek, plougher, rt-maint, rvrbovsk, williams |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2014-04-28 17:40:49 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1035880, 1035881, 1035882, 1035883, 1035884, 1035885, 1035886, 1035887 | ||
Bug Blocks: | 1032009 |
Description
Prasad Pandit
2013-11-28 17:35:49 UTC
Statement CVE-2013-7263: (none) Statement CVE-2013-7264: This issue does not affect the versions of the kernel package as shipped with Red Hat Enterprise Linux 5, 6 and Red Hat Enterprise MRG 2. Statement CVE-2013-7265: This issue does not affect the version of the kernel package as shipped with Red Hat Enterprise Linux 5. Statement CVE-2013-7281: This issue does not affect the versions of the kernel package as shipped with Red Hat Enterprise Linux 5, 6 and Red Hat Enterprise MRG 2. Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1035887] kernel-3.11.10-200.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report. kernel-3.11.10-100.fc18 has been pushed to the Fedora 18 stable repository. If problems still persist, please make note of it in this bug report. kernel-3.11.10-301.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report. kernel-3.12.5-200.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report. kernel-3.12.5-302.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report. Common Vulnerabilities and Exposures assigned an identifier CVE-2013-7281 to the following vulnerability: Name: CVE-2013-7281 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7281 Assigned: 20140108 Reference: http://www.openwall.com/lists/oss-security/2013/11/28/13 Reference: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=bceaa90240b6019ed73b49965eac7d167610be69 Reference: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.4 Reference: https://bugzilla.redhat.com/show_bug.cgi?id=1035875 Reference: https://github.com/torvalds/linux/commit/bceaa90240b6019ed73b49965eac7d167610be69 The dgram_recvmsg function in net/ieee802154/dgram.c in the Linux kernel before 3.12.4 updates a certain length value without ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call. This issue has been addressed in following products: Red Hat Enterprise Linux 6 Via RHSA-2014:0159 https://rhn.redhat.com/errata/RHSA-2014-0159.html This issue has been addressed in following products: Red Hat Enterprise Linux 5 Via RHSA-2014:0285 https://rhn.redhat.com/errata/RHSA-2014-0285.html This issue has been addressed in following products: MRG for RHEL-6 v.2 Via RHSA-2014:0439 https://rhn.redhat.com/errata/RHSA-2014-0439.html |