CVE-2013-2546

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 3.8.3

Description The issue concerns the report API in the crypto user configuration API of the Linux kernel. It uses an incorrect C library function for copying strings, allowing local users with the CAP NET ADMIN capability to obtain sensitive information from kernel stack memory.

Recommendations For versions prior to 3.8.3, update to version 3.8.3 or later to resolve the issue.