Bug 914664 (CVE-2013-0343) - CVE-2013-0343 kernel: handling of IPv6 temporary addresses
Summary: CVE-2013-0343 kernel: handling of IPv6 temporary addresses
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2013-0343
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 999361 999362 999364 999365 999368 999371 999380
Blocks: 883700
TreeView+ depends on / blocked
 
Reported: 2013-02-22 13:02 UTC by Prasad Pandit
Modified: 2021-02-17 08:00 UTC (History)
27 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2013-11-25 16:39:42 UTC
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2013:1449 0 normal SHIPPED_LIVE Moderate: kernel security and bug fix update 2013-10-22 21:30:54 UTC
Red Hat Product Errata RHSA-2013:1490 0 normal SHIPPED_LIVE Important: kernel-rt security and bug fix update 2013-10-31 20:23:39 UTC
Red Hat Product Errata RHSA-2013:1645 0 normal SHIPPED_LIVE Important: Red Hat Enterprise Linux 6 kernel update 2013-11-20 22:04:18 UTC

Description Prasad Pandit 2013-02-22 13:02:54 UTC 
Due to the way the Linux kernel handles the creation of IPv6 temporary
addresses a malicious LAN user can remotely disable them altogether
which may lead to privacy violations and information disclosure.

Reference:
  -> http://seclists.org/oss-sec/2012/q4/292
  -> http://seclists.org/oss-sec/2013/q1/92
Comment 2 Petr Matousek 2013-08-20 15:46:05 UTC 
Upstream commit:

https://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=4b08a8f1bd8cb4541c93ec170027b4d0782dab52
Comment 5 Prasad Pandit 2013-08-21 08:55:19 UTC 
Created kernel tracking bugs for this issue:

Affects: fedora-all [bug 999380]
Comment 6 Fedora Update System 2013-08-23 00:32:12 UTC 
kernel-3.10.9-100.fc18 has been pushed to the Fedora 18 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 7 Fedora Update System 2013-08-23 00:44:24 UTC 
kernel-3.10.9-200.fc19 has been pushed to the Fedora 19 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 9 errata-xmlrpc 2013-10-22 17:32:06 UTC 
This issue has been addressed in following products:

  Red Hat Enterprise Linux 5

Via RHSA-2013:1449 https://rhn.redhat.com/errata/RHSA-2013-1449.html
Comment 10 errata-xmlrpc 2013-10-31 16:33:30 UTC 
This issue has been addressed in following products:

  MRG for RHEL-6 v.2

Via RHSA-2013:1490 https://rhn.redhat.com/errata/RHSA-2013-1490.html
Comment 11 errata-xmlrpc 2013-11-21 16:07:23 UTC 
This issue has been addressed in following products:

  Red Hat Enterprise Linux 6

Via RHSA-2013:1645 https://rhn.redhat.com/errata/RHSA-2013-1645.html
Comment 12 Vincent Danen 2013-11-25 16:39:42 UTC 
Statement:

(none)
Note You need to log in before you can comment on or make changes to this bug.