CVE-2013-1828

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 3.8.4

Description The issue concerns a function in the Linux kernel that does not properly validate a size value before performing a specific operation, allowing local users to potentially gain privileges. This is achieved through a crafted application that utilizes a particular system call.

Recommendations For Linux kernel versions prior to 3.8.4, update to version 3.8.4 or later to resolve the issue. As a temporary workaround, consider restricting access to the sctp getsockopt assoc stats function until a patch is available.