Bug 892983 (CVE-2013-0160)
Summary: | CVE-2013-0160 kernel: /dev/ptmx to measure inter-keystroke timing | ||||||||
---|---|---|---|---|---|---|---|---|---|
Product: | [Other] Security Response | Reporter: | Jan Lieskovsky <jlieskov> | ||||||
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> | ||||||
Status: | CLOSED WONTFIX | QA Contact: | |||||||
Severity: | low | Docs Contact: | |||||||
Priority: | low | ||||||||
Version: | unspecified | CC: | agordeev, davej, dhoward, fhrbata, gansalmon, iboverma, itamar, jforbes, jneedle, jonathan, jrusnack, jwboyer, kernel-maint, kernel-mgr, lwang, madhu.chinakonda, mcressma, mrg-program-list, nobody, plougher, pmatouse, rvrbovsk, sforsber | ||||||
Target Milestone: | --- | Keywords: | Security | ||||||
Target Release: | --- | ||||||||
Hardware: | All | ||||||||
OS: | Linux | ||||||||
Whiteboard: | |||||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||||
Doc Text: | Story Points: | --- | |||||||
Clone Of: | Environment: | ||||||||
Last Closed: | 2014-11-21 10:34:47 UTC | Type: | --- | ||||||
Regression: | --- | Mount Type: | --- | ||||||
Documentation: | --- | CRM: | |||||||
Verified Versions: | Category: | --- | |||||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||
Cloudforms Team: | --- | Target Upstream Version: | |||||||
Embargoed: | |||||||||
Bug Depends On: | |||||||||
Bug Blocks: | 892984 | ||||||||
Attachments: |
|
Description
Jan Lieskovsky
2013-01-08 11:11:02 UTC
Created attachment 674721 [details]
Local copy of the reproducer to determine keystroke latency
Created attachment 674722 [details]
Local copy of a reproducer to determine password length for "su -" session
Statement: This issue affects the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 5 and 6, and Red Hat Enterprise MRG 2. Red Hat Product Security has rated this issue as having Low security impact. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/ |