[USN-1883-1] Linux kernel (OMAP4) vulnerabilities
Several security issues were fixed in the kernel.
Kees Cook discovered a flaw in the Linux kernel's iSCSI subsystem. A remote
unauthenticated attacker could exploit this flaw to cause a denial of
service (system crash) or potentially gain administrative privileges.
(CVE-2013-2850)
Andy Lutomirski discover an error in the Linux kernel's credential handling
on unix sockets. A local user could exploit this flaw to gain
administrative privileges. (CVE-2013-1979)
An information leak was discovered in the Linux kernel when inotify is used
to monitor the /dev/ptmx device. A local user could exploit this flaw to
discover keystroke timing and potentially discover sensitive information
like password length. (CVE-2013-0160)
An information leak was discovered in the Linux kernel's tkill and tgkill
system calls when used from compat processes. A local user could exploit
this flaw to examine potentially sensitive kernel memory. (CVE-2013-2141)
An information leak was discovered in the Linux kernel's crypto API. A
local user could exploit this flaw to examine potentially sensitive
information from the kernel's stack memory. (CVE-2013-3076)
An information leak was discovered in the Linux kernel's rcvmsg path for
ATM (Asynchronous Transfer Mode). A local user could exploit this flaw to
examine potentially sensitive information from the kernel's stack memory.
(CVE-2013-3222)
An information leak was discovered in the Linux kernel's recvmsg path for
ax25 address family. A local user could exploit this flaw to examine
potentially sensitive information from the kernel's stack memory.
(CVE-2013-3223)
An information leak was discovered in the Linux kernel's recvmsg path for
the bluetooth address family. A local user could exploit this flaw to
examine potentially sensitive information from the kernel's stack memory.
(CVE-2013-3224)
An information leak was discovered in the Linux kernel's bluetooth rfcomm
protocol support. A local user could exploit this flaw to examine
potentially sensitive information from the kernel's stack memory.
(CVE-2013-3225)
An information leak was discovered in the Linux kernel's CAIF protocol
implementation. A local user could exploit this flaw to examine potentially
sensitive information from the kernel's stack memory. (CVE-2013-3227)
An information leak was discovered in the Linux kernel's IRDA (infrared)
support subsystem. A local user could exploit this flaw to examine
potentially sensitive information from the kernel's stack memory.
(CVE-2013-3228)
An information leak was discovered in the Linux kernel's s390 - z/VM
support. A local user could exploit this flaw to examine potentially
sensitive information from the kernel's stack memory. (CVE-2013-3229)
An information leak was discovered in the Linux kernel's l2tp (Layer Two
Tunneling Protocol) implementation. A local user could exploit this flaw to
examine potentially sensitive information from the kernel's stack memory.
(CVE-2013-3230)
An information leak was discovered in the Linux kernel's llc (Logical Link
Layer 2) support. A local user could exploit this flaw to examine
potentially sensitive information from the kernel's stack memory.
(CVE-2013-3231)
An information leak was discovered in the Linux kernel's receive message
handling for the netrom address family. A local user could exploit this
flaw to obtain sensitive information from the kernel's stack memory.
(CVE-2013-3232)
An information leak was discovered in the Linux kernel's nfc (near field
communication) support. A local user could exploit this flaw to examine
potentially sensitive information from the kernel's stack memory.
(CVE-2013-3233)
An information leak was discovered in the Linux kernel's Rose X.25 protocol
layer. A local user could exploit this flaw to examine potentially
sensitive information from the kernel's stack memory. (CVE-2013-3234)
An information leak was discovered in the Linux kernel's TIPC (Transparent
Inter Process Communication) protocol implementation. A local user could
exploit this flaw to examine potentially sensitive information from the
kernel's stack memory. (CVE-2013-3235)
- ID
- USN-1883-1
- Severity
- high
- Severity from
- CVE-2013-2850
- URL
- https://ubuntu.com/security/notices/USN-1883-1
- Published
-
2013-06-14T07:24:42
(11 years ago) - Modified
-
2013-06-14T07:24:42
(11 years ago) - Other Advisories
-
- ALAS-2013-200
- ALAS-2013-218
- ALAS-2013-233
- DSA-2669-1
- ELSA-2013-1034
- ELSA-2013-1051
- ELSA-2013-1292
- ELSA-2013-1645
- ELSA-2013-1801
- ELSA-2013-2525
- ELSA-2013-2537
- ELSA-2013-2538
- ELSA-2013-2546
- ELSA-2013-2584
- ELSA-2013-2585
- ELSA-2013-2589
- ELSA-2014-3002
- FEDORA-2013-10050
- FEDORA-2013-10695
- FEDORA-2013-12530
- FEDORA-2013-12990
- FEDORA-2013-13536
- FEDORA-2013-15151
- FEDORA-2013-16336
- FEDORA-2013-17010
- FEDORA-2013-17942
- FEDORA-2013-18364
- FEDORA-2013-18822
- FEDORA-2013-20748
- FEDORA-2013-21822
- FEDORA-2013-22695
- FEDORA-2013-6537
- FEDORA-2013-6999
- FEDORA-2013-9123
- RHSA-2013:1051
- RHSA-2013:1645
- RHSA-2013:1801
- SUSE-SU-2015:0481-1
- SUSE-SU-2015:0581-1
- SUSE-SU-2015:0652-1
- SUSE-SU-2015:0736-1
- SUSE-SU-2015:1174-1
- SUSE-SU-2015:1376-1
- USN-1815-1
- USN-1833-1
- USN-1837-1
- USN-1839-1
- USN-1844-1
- USN-1845-1
- USN-1846-1
- USN-1847-1
- USN-1849-1
- USN-1876-1
- USN-1877-1
- USN-1878-1
- USN-1879-1
- USN-1880-1
- USN-1881-1
- USN-1882-1
- USN-1899-1
- USN-1900-1
- USN-1916-1
- USN-2128-1
- USN-2129-1
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |