PT-2013-6339 · Suse+2 · Suse Linux Enterprise+3

Mathy Vanhoef

Published

1970-01-01

Updated

2014-06-23

CVE-2013-4579

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 3.13

Description The issue allows remote attackers to discover the original MAC address of a Wi-Fi device after spoofing by sending a series of packets to MAC addresses with certain bit manipulations. This is due to the BSSID masking approach used by the ath9k htc set bssid mask function. Multiple vulnerabilities in the SUSE Linux Enterprise operating system's kernel packages may lead to disruptions in confidentiality, integrity, and availability of protected information, and can be exploited remotely.

Recommendations For Linux kernel versions prior to 3.13, update to a version 3.13 or later to resolve the issue. At the moment, there is no information about specific fixes for the SUSE Linux Enterprise kernel packages, so no specific recommendations can be provided for those.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-310

Related Identifiers

ALT-PU-2013-1234

ALT-PU-2014-1012

ALT-PU-2014-1013

ALT-PU-2014-1422

ALT-PU-2014-1547

BDU:2015-04307

BDU:2015-04308

BDU:2015-04309

BDU:2015-04310

CVE-2013-4579

MGASA-2014-0038

MGASA-2014-0043

MGASA-2014-0044

MGASA-2014-0045

MGASA-2014-0055

MGASA-2014-0064

OPENSUSE-SU-2014_0677-1

OPENSUSE-SU-2014_0678-1

SUSE-RU-2015:0621-1

SUSE-SU-2014_0833-1

SUSE-SU-2015:0481-1

SUSE-SU-2015:0581-1

SUSE-SU-2015:0736-1

SUSE-SU-2015:1174-1

SUSE-SU-2015:1376-1

USN-2113-1

USN-2117-1

USN-2133-1

USN-2134-1

USN-2135-1

USN-2136-1

USN-2138-1

USN-2139-1

USN-2141-1

Affected Products

Alt Linux

Linux Kernel

Suse Linux Enterprise

Suse

PT-2013-6339 · Suse+2 · Suse Linux Enterprise+3

CVE-2013-4579

Weakness Enumeration

Related Identifiers

Affected Products

References · 481