Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2013-3231

The llc_ui_recvmsg function in net/llc/af_llc.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call.

Source

The MITRE CVE dictionary describes this issue as:

The llc_ui_recvmsg function in net/llc/af_llc.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call.

Find out more about CVE-2013-3231 from the MITRE CVE dictionary dictionary and NIST NVD.

Statement

This issue affects the versions of the Linux kernel as shipped with
Red Hat Enterprise Linux 5, 6 and Red Hat Enterprise MRG 2. Future kernel
updates for Red Hat Enterprise Linux 5, 6 and Red Hat Enterprise MRG 2 may
address this issue.

CVSS v2 metrics

Base Score	2.1
Base Metrics	AV:L/AC:L/Au:N/C:P/I:N/A:N
Access Vector	Local
Access Complexity	Low
Authentication	None
Confidentiality Impact	Partial
Integrity Impact	None
Availability Impact	None

Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).

Red Hat Security Errata

Platform	Errata	Release Date
Red Hat Enterprise Linux 6 (kernel)	RHSA-2013:1645	2013-11-20
Red Hat MRG Grid for RHEL 6 Server v.2 (kernel-rt)	RHSA-2013:0829	2013-05-20
Red Hat Enterprise Linux 5 (kernel)	RHSA-2013:1034	2013-07-10

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2013-3231

Statement

CVSS v2 metrics

Red Hat Security Errata

Vulmon Search

About

Products

Connect