CVE-2013-2547

NONECVSS 0.0

0.0

The crypto_report_one function in crypto/crypto_user.c in the report API in the crypto user configuration API in the Linux kernel through 3.8.2 does not initialize certain structure members, which allows local users to obtain sensitive information from kernel heap memory by leveraging the CAP_NET_ADMIN capability.

🔗 References (20)

cve@mitrehttp://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=9a5467bf7b6e9e02ec9c3da4e23747c05faeaac6
cve@mitrehttp://lists.opensuse.org/opensuse-updates/2013-12/msg00129.html
cve@mitrehttp://www.mandriva.com/security/advisories?name=MDVSA-2013:176
cve@mitrehttp://www.openwall.com/lists/oss-security/2013/03/05/13
cve@mitrehttp://www.ubuntu.com/usn/USN-1793-1
cve@mitrehttp://www.ubuntu.com/usn/USN-1794-1
cve@mitrehttp://www.ubuntu.com/usn/USN-1795-1
cve@mitrehttp://www.ubuntu.com/usn/USN-1796-1
cve@mitrehttp://www.ubuntu.com/usn/USN-1797-1
cve@mitrehttps://github.com/torvalds/linux/commit/9a5467bf7b6e9e02ec9c3da4e23747c05faeaac6
af854a3a-2127-422b-91ae-364da2661108http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=9a5467bf7b6e9e02ec9c3da4e23747c05faeaac6
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-updates/2013-12/msg00129.html
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2013:176
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2013/03/05/13
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-1793-1

Is Your Infrastructure Affected by CVE-2013-2547?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2013-2547

📅 Published

🔄 Last Modified

🔗 References (20)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2013-2547?