[USN-1995-1] Linux kernel (Raring HWE) vulnerabilities
Several security issues were fixed in the kernel.
An information leak was discovered in the Linux kernel when reading
broadcast messages from the notify_policy interface of the IPSec
key_socket. A local user could exploit this flaw to examine potentially
sensitive information in kernel memory. (CVE-2013-2237)
Kees Cook discovered flaw in the Human Interface Device (HID) subsystem of
the Linux kernel. A physically proximate attacker could exploit this flaw
to execute arbitrary code or cause a denial of service (heap memory
corruption) via a specially crafted device that provides an invalid Report
ID. (CVE-2013-2888)
Kees Cook discovered a flaw in the Human Interface Device (HID) subsystem
of the Linux kerenl when CONFIG_HID_PANTHERLORD is enabled. A physically
proximate attacker could cause a denial of service (heap out-of-bounds
write) via a specially crafted device. (CVE-2013-2892)
Kees Cook discovered a vulnerability in the Linux Kernel's Human Interface
Device (HID) subsystem's support for N-Trig touch screens. A physically
proximate attacker could exploit this flaw to cause a denial of service
(OOPS) via a specially crafted device. (CVE-2013-2896)
Kees Cook discovered an information leak in the Linux kernel's Human
Interface Device (HID) subsystem when CONFIG_HID_SENSOR_HUB is enabled. A
physically proximate attacker could obtain potentially sensitive
information from kernel memory via a specially crafted device.
(CVE-2013-2898)
Kees Cook discovered a flaw in the Human Interface Device (HID) subsystem
of the Linux kernel whe CONFIG_HID_PICOLCD is enabled. A physically
proximate attacker could exploit this flaw to cause a denial of service
(OOPS) via a specially crafted device. (CVE-2013-2899)
A flaw was discovered in how the Linux Kernel's networking stack checks scm
credentials when used with namespaces. A local attacker could exploit this
flaw to gain privileges. (CVE-2013-4300)
- ID
- USN-1995-1
- Severity
- high
- Severity from
- CVE-2013-4300
- URL
- https://ubuntu.com/security/notices/USN-1995-1
- Published
-
2013-10-22T00:28:31
(11 years ago) - Modified
-
2013-10-22T00:28:31
(11 years ago) - Other Advisories
-
- DSA-2745-1
- ELSA-2013-1166
- ELSA-2013-1173
- ELSA-2013-1645
- ELSA-2013-2542
- ELSA-2013-2543
- ELSA-2013-2583
- ELSA-2013-2584
- ELSA-2013-2585
- ELSA-2014-0433
- ELSA-2014-3002
- FEDORA-2013-16336
- FEDORA-2013-16379
- FEDORA-2013-17010
- FEDORA-2013-17012
- FEDORA-2013-17865
- FEDORA-2013-17942
- FEDORA-2013-18364
- FEDORA-2013-18820
- FEDORA-2013-18822
- FEDORA-2013-20547
- FEDORA-2013-20748
- FEDORA-2013-21807
- FEDORA-2013-21822
- FEDORA-2013-22669
- FEDORA-2013-22695
- FEDORA-2013-23653
- FEDORA-2014-0684
- FEDORA-2014-1072
- FEDORA-2014-11008
- FEDORA-2014-13020
- FEDORA-2014-14068
- FEDORA-2014-17244
- FEDORA-2014-2606
- FEDORA-2014-2887
- FEDORA-2014-3448
- FEDORA-2014-4360
- FEDORA-2014-4849
- FEDORA-2014-5609
- FEDORA-2014-6354
- FEDORA-2014-7320
- FEDORA-2014-7426
- FEDORA-2014-8487
- FEDORA-2014-9142
- FEDORA-2014-9449
- RHSA-2013:1173
- RHSA-2013:1645
- SUSE-SU-2015:0481-1
- SUSE-SU-2015:0581-1
- SUSE-SU-2015:0652-1
- SUSE-SU-2015:0736-1
- SUSE-SU-2015:1174-1
- SUSE-SU-2015:1376-1
- USN-1912-1
- USN-1913-1
- USN-1970-1
- USN-1972-1
- USN-1973-1
- USN-1976-1
- USN-1977-1
- USN-1992-1
- USN-1993-1
- USN-1998-1
- USN-2019-1
- USN-2021-1
- USN-2022-1
- USN-2024-1
- USN-2038-1
- USN-2039-1
- USN-2050-1
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |