Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntuUbuntuUSN-2049-1
HistoryDec 07, 2013 - 12:00 a.m.

Linux kernel vulnerabilities

2013-12-0700:00:00
ubuntu.com
52

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

7.1 High

AI Score

Confidence

High

0.029 Low

EPSS

Percentile

90.9%

JSON

Releases

  • Ubuntu 13.10

Packages

  • linux - Linux kernel

Details

Miroslav Vadkerti discovered a flaw in how the permissions for network
sysctls are handled in the Linux kernel. An unprivileged local user could
exploit this flaw to have privileged access to files in /proc/sys/net/.
(CVE-2013-4270)

A flaw was discovered in the Linux kernel’s dm snapshot facility. A remote
authenticated user could exploit this flaw to obtain sensitive information
or modify/corrupt data. (CVE-2013-4299)

Wannes Rombouts reported a vulnerability in the networking tuntap interface
of the Linux kernel. A local user with the CAP_NET_ADMIN capability could
leverage this flaw to gain full admin privileges. (CVE-2013-4343)

Alan Chester reported a flaw in the IPv6 Stream Control Transmission
Protocol (SCTP) of the Linux kernel. A remote attacker could exploit this
flaw to obtain sensitive information by sniffing network traffic.
(CVE-2013-4350)

Dmitry Vyukov reported a flaw in the Linux kernel’s handling of IPv6 UDP
Fragmentation Offload (UFO) processing. A remote attacker could leverage
this flaw to cause a denial of service (system crash). (CVE-2013-4387)

Hannes Frederic Sowa discovered a flaw in the Linux kernel’s UDP
Fragmentation Offload (UFO). An unprivileged local user could exploit this
flaw to cause a denial of service (system crash) or possibly gain
administrative privileges. (CVE-2013-4470)

A flaw was discovered in the Linux kernel’s fib6 error-code encoding for
IPv6. A local user with the CAT_NET_ADMIN capability could exploit this
flaw to cause a denial of service (system crash). (CVE-2013-6431)

Evan Huus reported a buffer overflow in the Linux kernel’s radiotap header
parsing. A remote attacker could cause a denial of service (buffer over-
read) via a specially crafted header. (CVE-2013-7027)

An information leak was discovered in the Linux kernel’s SIOCWANDEV ioctl
call. A local user with the CAP_NET_ADMIN capability could exploit this
flaw to obtain potentially sensitive information from kernel memory.
(CVE-2014-1444)

An information leak was discovered in the wanxl ioctl function the Linux
kernel. A local user could exploit this flaw to obtain potentially
sensitive information from kernel memory. (CVE-2014-1445)

OSVersionArchitecturePackageVersionFilename
Ubuntu13.10noarchlinux-image-3.11.0-14-generic< 3.11.0-14.21UNKNOWN
Ubuntu13.10noarchblock-modules-3.11.0-14-generic-di< 3.11.0-14.21UNKNOWN
Ubuntu13.10noarchcrypto-modules-3.11.0-14-generic-di< 3.11.0-14.21UNKNOWN
Ubuntu13.10noarchfat-modules-3.11.0-14-generic-di< 3.11.0-14.21UNKNOWN
Ubuntu13.10noarchfb-modules-3.11.0-14-generic-di< 3.11.0-14.21UNKNOWN
Ubuntu13.10noarchfirewire-core-modules-3.11.0-14-generic-di< 3.11.0-14.21UNKNOWN
Ubuntu13.10noarchfloppy-modules-3.11.0-14-generic-di< 3.11.0-14.21UNKNOWN
Ubuntu13.10noarchfs-core-modules-3.11.0-14-generic-di< 3.11.0-14.21UNKNOWN
Ubuntu13.10noarchfs-secondary-modules-3.11.0-14-generic-di< 3.11.0-14.21UNKNOWN
Ubuntu13.10noarchinput-modules-3.11.0-14-generic-di< 3.11.0-14.21UNKNOWN
Rows per page:
1-10 of 441

Related

openvas 39
nessus 38
ubuntu 13
securityvulns 4
fedora 3
redhat 6
veracode 15
prion 11
debiancve 11
nvd 11
ubuntucve 11
cvelist 11
cve 11
amazon 2
f5 2
oraclelinux 5
seebug 4
altlinux 1
centos 1
openvas
openvas
Ubuntu: Security Advisory (USN-2049-1)
2013-12-17 00:00:00
Ubuntu Update for linux USN-2049-1
2013-12-17 00:00:00
Ubuntu: Security Advisory (USN-2042-1)
2013-12-04 00:00:00
nessus
nessus
Ubuntu 13.10 : linux vulnerabilities (USN-2049-1)
2013-12-09 00:00:00
Ubuntu 12.04 LTS : linux-lts-raring vulnerabilities (USN-2041-1)
2013-12-04 00:00:00
Ubuntu 13.04 : linux vulnerabilities (USN-2045-1)
2013-12-04 00:00:00
ubuntu
ubuntu
Linux kernel (Saucy HWE) vulnerabilities
2013-12-03 00:00:00
Linux kernel (Raring HWE) vulnerabilities
2013-12-03 00:00:00
Linux kernel vulnerabilities
2013-12-03 00:00:00
securityvulns
securityvulns
[USN-2049-1] Linux kernel vulnerabilities
2013-12-09 00:00:00
[ MDVSA-2013:265 ] kernel
2013-11-13 00:00:00
Linux kernel security vulnerabilities
2013-11-26 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: kernel-3.11.1-300.fc20
2013-09-23 00:36:45
[SECURITY] Fedora 20 Update: kernel-3.11.4-301.fc20
2013-10-13 19:57:12
[SECURITY] Fedora 20 Update: kernel-3.11.7-300.fc20
2013-11-10 07:57:32
redhat
redhat
(RHSA-2014:0100) Important: kernel-rt security and bug fix update
2014-01-28 00:00:00
(RHSA-2013:1490) Important: kernel-rt security and bug fix update
2013-10-31 00:00:00
(RHSA-2013:1860) Moderate: kernel security and bug fix update
2013-12-19 00:00:00
veracode
veracode
Access Controls Bypass
2019-05-16 01:22:57
Denial Of Service (DoS)
2019-05-02 04:56:55
Use-After-Free
2019-05-02 04:56:55
prion
prion
Design/Logic Flaw
2013-12-09 18:55:00
Null pointer dereference
2013-12-09 18:55:00
Code injection
2013-12-09 18:55:00
debiancve
debiancve
CVE-2013-7027
2013-12-09 18:55:10
CVE-2013-6431
2013-12-09 18:55:10
CVE-2013-4270
2013-12-09 18:55:09
nvd
nvd
CVE-2013-7027
2013-12-09 18:55:10
CVE-2013-6431
2013-12-09 18:55:10
CVE-2014-1444
2014-01-18 22:55:03
ubuntucve
ubuntucve
CVE-2013-7027
2013-12-09 00:00:00
CVE-2013-6431
2013-12-09 00:00:00
CVE-2014-1444
2014-01-18 00:00:00
cvelist
cvelist
CVE-2013-7027
2013-12-09 18:00:00
CVE-2013-6431
2013-12-09 18:00:00
CVE-2014-1444
2014-01-18 22:00:00
cve
cve
CVE-2013-7027
2013-12-09 18:55:10
CVE-2013-4270
2013-12-09 18:55:09
CVE-2013-6431
2013-12-09 18:55:10
amazon
amazon
Medium: kernel
2013-10-16 20:53:00
Medium: kernel
2013-12-02 20:30:00
f5
f5
K74007441 : Linux kernel vulnerability CVE-2013-4350
2018-09-26 00:00:00
K56923528 : Linux kernel vulnerability CVE-2013-4343
2018-09-14 00:00:00
oraclelinux
oraclelinux
unbreakable enterprise kernel security update
2013-10-18 00:00:00
unbreakable enterprise kernel security update
2013-10-23 00:00:00
unbreakable enterprise kernel security update
2013-10-18 00:00:00
seebug
seebug
Linux Kernel 'wanxl.c'本地信息泄露漏洞
2014-01-17 00:00:00
Linux Kernel 'farsync.c'本地信息泄露漏洞
2014-01-17 00:00:00
Linux Kernel 'sctp_v6_xmit()'函数信息泄露漏洞(CVE-2013-4350)
2013-09-18 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 7 package kernel-image-el-def version 2.6.32-alt12
2013-10-25 00:00:00
centos
centos
kernel, perf, python security update
2013-10-17 16:14:23

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

7.1 High

AI Score

Confidence

High

0.029 Low

EPSS

Percentile

90.9%

JSON
Related for USN-2049-1
openvas39nessus38ubuntu13securityvulns4fedora3redhat6veracode15prion11debiancve11nvd11ubuntucve11cvelist11cve11amazon2f52oraclelinux5seebug4altlinux1centos1