CVE-2013-0913

Name of the Vulnerable Software and Affected Versions openSUSE systemtap-runtime-debuginfo (affected versions not specified) openSUSE libvmtools0-debuginfo (affected versions not specified) openSUSE libvmtools-devel (affected versions not specified) openSUSE systemtap (affected versions not specified) openSUSE libvmtools0 (affected versions not specified) openSUSE systemtap-client-debuginfo (affected versions not specified) openSUSE systemtap-client (affected versions not specified) openSUSE systemtap-runtime (affected versions not specified) openSUSE systemtap-server (affected versions not specified) openSUSE systemtap-server-debuginfo (affected versions not specified) openSUSE systemtap-debuginfo (affected versions not specified) openSUSE systemtap-debugsource (affected versions not specified) openSUSE systemtap-sdt-devel (affected versions not specified) Linux kernel versions prior to 3.8.3

Description The issue involves multiple vulnerabilities in various packages of the openSUSE operating system, which can lead to a disruption of protected information availability. These vulnerabilities can be exploited remotely. Additionally, an integer overflow in the i915 driver in the Linux kernel can cause a denial of service or have unspecified other impacts via a crafted application.

Recommendations For openSUSE systemtap-runtime-debuginfo, consider disabling the vulnerable components until a patch is available. For openSUSE libvmtools0-debuginfo, restrict access to the vulnerable module to minimize the risk of exploitation. For openSUSE libvmtools-devel, avoid using the vulnerable parameters in the affected API endpoints until the issue is resolved. For openSUSE systemtap, systemtap-client, systemtap-runtime, systemtap-server, systemtap-server-debuginfo, systemtap-debuginfo, systemtap-debugsource, and systemtap-sdt-devel, update to a version that includes the fix for the vulnerability. For Linux kernel versions prior to 3.8.3, update to version 3.8.3 or later to resolve the integer overflow issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability in some of the affected packages.