Hide Forgot
Linux kernel built with the networking support(CONFIG_NET), is vulnerable to a memory leakage flaw. It occurs while doing the recvmsg(2), recvfrom(2), recvmmsg(2) socket calls. A user/program could use this flaw to leak kernel memory bytes. Upstream fix: ------------- -> https://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=bceaa90240b6019ed73b49965eac7d167610be69 -> https://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=85fbaa75037d0b6b786ff18658ddf0b4014ce2a4 Original 'CVE-2013-6405' assigned to this issue has been rejected and the following 4 have been assigned for the same: - CVE-2013-7263 (net/ipv4/ping.c, net/ipv4/raw.c, net/ipv4/udp.c, net/ipv6/raw.c, and net/ipv6/udp.c), - CVE-2013-7264 (net/l2tp/l2tp_ip.c), - CVE-2013-7265 (net/phonet/datagram.c) - CVE-2013-7281 (net/ieee802154/dgram.c) === Name: CVE-2013-6405 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-7263, CVE-2013-7264, CVE-2013-7265. Reason: This candidate is a duplicate of CVE-2013-7263, CVE-2013-7264, and CVE-2013-7265. Notes: All CVE users should reference CVE-2013-7263, CVE-2013-7264, and/or CVE-2013-7265 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. ===
Statement CVE-2013-7263: (none) Statement CVE-2013-7264: This issue does not affect the versions of the kernel package as shipped with Red Hat Enterprise Linux 5, 6 and Red Hat Enterprise MRG 2. Statement CVE-2013-7265: This issue does not affect the version of the kernel package as shipped with Red Hat Enterprise Linux 5. Statement CVE-2013-7281: This issue does not affect the versions of the kernel package as shipped with Red Hat Enterprise Linux 5, 6 and Red Hat Enterprise MRG 2.
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1035887]
kernel-3.11.10-200.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report.
kernel-3.11.10-100.fc18 has been pushed to the Fedora 18 stable repository. If problems still persist, please make note of it in this bug report.
kernel-3.11.10-301.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.
kernel-3.12.5-200.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report.
kernel-3.12.5-302.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.
Common Vulnerabilities and Exposures assigned an identifier CVE-2013-7281 to the following vulnerability: Name: CVE-2013-7281 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7281 Assigned: 20140108 Reference: http://www.openwall.com/lists/oss-security/2013/11/28/13 Reference: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=bceaa90240b6019ed73b49965eac7d167610be69 Reference: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.4 Reference: https://bugzilla.redhat.com/show_bug.cgi?id=1035875 Reference: https://github.com/torvalds/linux/commit/bceaa90240b6019ed73b49965eac7d167610be69 The dgram_recvmsg function in net/ieee802154/dgram.c in the Linux kernel before 3.12.4 updates a certain length value without ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call.
This issue has been addressed in following products: Red Hat Enterprise Linux 6 Via RHSA-2014:0159 https://rhn.redhat.com/errata/RHSA-2014-0159.html
This issue has been addressed in following products: Red Hat Enterprise Linux 5 Via RHSA-2014:0285 https://rhn.redhat.com/errata/RHSA-2014-0285.html
This issue has been addressed in following products: MRG for RHEL-6 v.2 Via RHSA-2014:0439 https://rhn.redhat.com/errata/RHSA-2014-0439.html