CVE-2013-1828

NONECVSS 0.0

0.0

The sctp_getsockopt_assoc_stats function in net/sctp/socket.c in the Linux kernel before 3.8.4 does not validate a size value before proceeding to a copy_from_user operation, which allows local users to gain privileges via a crafted application that contains an SCTP_GET_ASSOC_STATS getsockopt system call.

🔗 References (16)

secalert@redhathttp://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=726bc6b092da4c093eb74d13c07184b18c1af0f1
secalert@redhathttp://grsecurity.net/~spender/sctp.c
secalert@redhathttp://twitter.com/grsecurity/statuses/309805924749541376
secalert@redhathttp://www.exploit-db.com/exploits/24747
secalert@redhathttp://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.4
secalert@redhathttp://www.openwall.com/lists/oss-security/2013/03/08/2
secalert@redhathttps://bugzilla.redhat.com/show_bug.cgi?id=919315
secalert@redhathttps://github.com/torvalds/linux/commit/726bc6b092da4c093eb74d13c07184b18c1af0f1
af854a3a-2127-422b-91ae-364da2661108http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=726bc6b092da4c093eb74d13c07184b18c1af0f1
af854a3a-2127-422b-91ae-364da2661108http://grsecurity.net/~spender/sctp.c
af854a3a-2127-422b-91ae-364da2661108http://twitter.com/grsecurity/statuses/309805924749541376
af854a3a-2127-422b-91ae-364da2661108http://www.exploit-db.com/exploits/24747
af854a3a-2127-422b-91ae-364da2661108http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.4
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2013/03/08/2
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=919315

Is Your Infrastructure Affected by CVE-2013-1828?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2013-1828

📅 Published

🔄 Last Modified

🔗 References (16)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2013-1828?