PT-2013-3864 · Linux+3 · Linux Kernel+3

David S. Miller

Published

2013-03-22

Updated

2014-02-07

CVE-2013-2634

CVSS v2.0

1.9

Low

Vector

AV:L/AC:M/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 3.8.4

Description The issue allows local users to obtain sensitive information from kernel stack memory. This is due to the failure of the net/dcb/dcbnl.c module in the Linux kernel to initialize certain structures, which can be exploited via a crafted application.

Recommendations For versions prior to 3.8.4, update to version 3.8.4 or later to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-399

Related Identifiers

CESA-2013_1051

CVE-2013-2634

DSA-2668-1

OPENSUSE-SU-2013_1187-1

RHSA-2013:0829

RHSA-2013:1051

RHSA-2013:1080

RHSA-2013_1051

SUSE-SU-2015:0481-1

SUSE-SU-2015:0652-1

USN-1809-1

USN-1811-1

USN-1812-1

USN-1813-1

USN-1814-1

USN-1824-1

USN-1829-1

Affected Products

Centos

Linux Kernel

Red Hat

Suse

PT-2013-3864 · Linux+3 · Linux Kernel+3

CVE-2013-2634

Weakness Enumeration

Related Identifiers

Affected Products

References · 33