Published: 22/03/2013 Updated: 13/02/2023

CVSS v2 Base Score: 6.2 | Impact Score: 10 | Exploitability Score: 1.9

VMScore: 553

Vector: AV:L/AC:H/Au:N/C:C/I:C/A:C

fs/ext3/super.c in the Linux kernel prior to 3.8.4 uses incorrect arguments to functions in certain circumstances related to printk input, which allows local users to conduct format-string attacks and possibly gain privileges via a crafted application.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel 3.8.2
linux linux kernel 3.8.0
linux linux kernel
linux linux kernel 3.8.1

Several security issues were fixed in the kernel ...

The bt_sock_recvmsg function in net/bluetooth/af_bluetoothc in the Linux kernel before 39-rc7 does not properly initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call The udf_encode_fh function in fs/udf/nameic in the Linux kerne ...

CWE-20 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.4 https://bugzilla.redhat.com/show_bug.cgi?id=920783 https://github.com/torvalds/linux/commit/8d0c2d10dd72c5292eda7a06231056a4c972e4cc http://www.openwall.com/lists/oss-security/2013/03/20/8 http://www.ubuntu.com/usn/USN-1813-1 http://www.ubuntu.com/usn/USN-1812-1 http://www.ubuntu.com/usn/USN-1809-1 http://www.ubuntu.com/usn/USN-1811-1 http://www.ubuntu.com/usn/USN-1814-1 http://rhn.redhat.com/errata/RHSA-2013-0928.html http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html http://www.mandriva.com/security/advisories?name=MDVSA-2013:176 http://rhn.redhat.com/errata/RHSA-2013-1026.html http://rhn.redhat.com/errata/RHSA-2013-1051.html http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8d0c2d10dd72c5292eda7a06231056a4c972e4cc https://nvd.nist.gov https://usn.ubuntu.com/1809-1/

CVE-2013-1848

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect