Published: 22/03/2013 Updated: 13/02/2023

CVSS v2 Base Score: 6.2 | Impact Score: 10 | Exploitability Score: 1.9

VMScore: 553

Vector: AV:L/AC:H/Au:N/C:C/I:C/A:C

The xfrm_state_netlink function in net/xfrm/xfrm_user.c in the Linux kernel prior to 3.5.7 does not properly handle error conditions in dump_one_state function calls, which allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) by leveraging the CAP_NET_ADMIN capability.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel 3.5.2
linux linux kernel
linux linux kernel 3.5.5
linux linux kernel 3.5.3
linux linux kernel 3.5.4
linux linux kernel 3.5.1

Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Topic Updated kernel packages that fix multiple security issues and several bugsare now available for Red Hat Enterprise Linux 6The Red Hat Security Response Team has rated this update as havingimportant secur ...

Synopsis Moderate: kernel security and bug fix update Type/Severity Security Advisory: Moderate Topic Updated kernel packages that fix several security issues and three bugs arenow available for Red Hat Enterprise Linux 5The Red Hat Security Response Team has rated this update as having moderatesecurity im ...

Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leak or privilege escalation The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2012-2121 Benjamin Herrenschmidt and Jason Baron discovered issues with the IOMMU mapping of memory slots us ...

Several security issues were fixed in the kernel ...

NVD-CWE-Other http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.5.7 http://www.openwall.com/lists/oss-security/2013/03/07/2 https://github.com/torvalds/linux/commit/864745d291b5ba80ea0bd0edcbe67273de368836 https://bugzilla.redhat.com/show_bug.cgi?id=919384 http://www.ubuntu.com/usn/USN-1829-1 http://rhn.redhat.com/errata/RHSA-2013-0744.html http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=864745d291b5ba80ea0bd0edcbe67273de368836 https://access.redhat.com/errata/RHSA-2013:0744 https://www.debian.org/security/./dsa-2668 https://nvd.nist.gov https://usn.ubuntu.com/1652-1/

CVE-2013-1826

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect