Bug 923652 (CVE-2013-1873)

Summary: CVE-2013-1873 Kernel: information leaks via netlink interface
Product: [Other] Security Response Reporter: Prasad J Pandit <prasad>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED NOTABUG QA Contact:
Severity: low Docs Contact:
Priority: low    
Version: unspecifiedCC: agordeev, anton, bhu, davej, dhoward, esammons, fhrbata, gansalmon, iboverma, itamar, jforbes, jkacur, jlieskov, jonathan, jwboyer, kernel-maint, kernel-mgr, lgoncalv, lwang, madhu.chinakonda, mcressma, npajkovs, plougher, pmatouse, rt-maint, rvrbovsk, tgraf, williams
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard: impact=low,public=20130309,reported=20130319,source=oss-security,cvss2=1.5/AV:L/AC:M/Au:S/C:P/I:N/A:N,rhel-5/kernel=notaffected,rhel-6/kernel=affected,mrg-2/realtime-kernel=affected,fedora-all/kernel=affected
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2013-03-22 07:19:37 EDT Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
Bug Depends On:    
Bug Blocks: 858947    

Comment 5 Jan Lieskovsky 2013-03-22 07:06:06 EDT
Common Vulnerabilities and Exposures has rejected the use of CVE-2013-1873 identifier for purpose of future references:

** REJECT **

DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: CVE-2013-2634,
CVE-2013-2635, CVE-2013-2636.  Reason: This candidate is a duplicate
of CVE-2013-2634, CVE-2013-2635, and CVE-2013-2636.  Notes: All CVE
users should reference one or more of CVE-2013-2634, CVE-2013-2635,
and CVE-2013-2636 instead of this candidate.  All references and
descriptions in this candidate have been removed to prevent accidental
usage.

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1873

Note: I will keep the CVE-2013-1873 identifier in the alias of this bug (to simplify access). But future use of CVE-2013-1873 identifier is deprecated, CVE-2013-2634, CVE-2013-2635, and CVE-2013-2636 should be used instead.