Input validation error in Linux kernel
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2013-7263 |
| CWE-ID | CWE-20 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
Linux kernel Operating systems & Components / Operating system |
| Vendor | Linux Foundation |
Security Bulletin
This security bulletin contains one medium risk vulnerability.
1) Input validation error
EUVDB-ID: #VU42180
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2013-7263
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.
The Linux kernel before 3.12.4 updates certain length values before ensuring that associated data structures have been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call, related to net/ipv4/ping.c, net/ipv4/raw.c, net/ipv4/udp.c, net/ipv6/raw.c, and net/ipv6/udp.c.
MitigationInstall update from vendor's website.
Vulnerable software versionsLinux kernel: 3.0 - 3.12.2
CPE2.3- cpe:2.3:o:linux_foundation:linux_kernel:3.0:*:*:*:*:*:*:*
- cpe:2.3:o:linux_foundation:linux_kernel:3.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:linux_foundation:linux_kernel:3.0.2:*:*:*:*:*:*:*
- cpe:2.3:o:linux_foundation:linux_kernel:3.0.3:*:*:*:*:*:*:*
- cpe:2.3:o:linux_foundation:linux_kernel:3.0.4:*:*:*:*:*:*:*
- cpe:2.3:o:linux_foundation:linux_kernel:3.0.5:*:*:*:*:*:*:*
- cpe:2.3:o:linux_foundation:linux_kernel:3.0.6:*:*:*:*:*:*:*
- cpe:2.3:o:linux_foundation:linux_kernel:3.0.7:*:*:*:*:*:*:*
- cpe:2.3:o:linux_foundation:linux_kernel:3.0.8:*:*:*:*:*:*:*
- cpe:2.3:o:linux_foundation:linux_kernel:3.0.9:*:*:*:*:*:*:*
https://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=bceaa90240b6019ed73b49965eac7d167610be69
https://lists.opensuse.org/opensuse-security-announce/2014-03/msg00026.html
https://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html
https://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html
https://lists.opensuse.org/opensuse-security-announce/2015-04/msg00000.html
https://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html
https://rhn.redhat.com/errata/RHSA-2014-0159.html
https://rhn.redhat.com/errata/RHSA-2014-0285.html
https://seclists.org/oss-sec/2014/q1/29
https://secunia.com/advisories/55882
https://secunia.com/advisories/56036
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.4
https://www.openwall.com/lists/oss-security/2013/11/28/13
https://www.ubuntu.com/usn/USN-2107-1
https://www.ubuntu.com/usn/USN-2108-1
https://www.ubuntu.com/usn/USN-2109-1
https://www.ubuntu.com/usn/USN-2110-1
https://www.ubuntu.com/usn/USN-2113-1
https://www.ubuntu.com/usn/USN-2117-1
https://www.ubuntu.com/usn/USN-2135-1
https://www.ubuntu.com/usn/USN-2136-1
https://www.ubuntu.com/usn/USN-2138-1
https://www.ubuntu.com/usn/USN-2139-1
https://www.ubuntu.com/usn/USN-2141-1
https://bugzilla.redhat.com/show_bug.cgi?id=1035875
https://github.com/torvalds/linux/commit/bceaa90240b6019ed73b49965eac7d167610be69
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
