CVE-2013-1826

Published Mar 22, 2013

Last updated 3 months ago

CVSS info 6.2

Overview

Description: The xfrm_state_netlink function in net/xfrm/xfrm_user.c in the Linux kernel before 3.5.7 does not properly handle error conditions in dump_one_state function calls, which allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) by leveraging the CAP_NET_ADMIN capability.
Source: secalert@redhat.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 6.2
Impact score: 10
Exploitability score: 1.9
Vector string: AV:L/AC:H/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Hype score: Not currently trending

Evaluator

Comment: Per: http://cwe.mitre.org/data/definitions/476.html 'CWE-476: NULL Pointer Dereference'
Impact: Per https://bugzilla.redhat.com/show_bug.cgi?id=919384 "This issue affects the version of Linux kernel as shipped with Red Hat Enterprise Linux 5 and Red Hat Enterprise Linux 6. Future kernel updates for Red Hat Enterprise Linux 5 and Red Hat Enterprise Linux 6 may address this issue."
Solution: Per https://bugzilla.redhat.com/show_bug.cgi?id=919384 "This issue affects the version of Linux kernel as shipped with Red Hat Enterprise Linux 5 and Red Hat Enterprise Linux 6. Future kernel updates for Red Hat Enterprise Linux 5 and Red Hat Enterprise Linux 6 may address this issue."

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2F163243-B6A0-4018-9B03-673F36E1741C",
            "versionEndIncluding": "3.5.6"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.5.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "962B0C45-AB29-4383-AC16-C6E8245D0FF7"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.5.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A0EE126B-74B2-4F79-BFE1-3DC169F3F9B2"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.5.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "392075E0-A9C7-4B4A-90F9-7F1ADFF5EFA7"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.5.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ECC66968-06F0-4874-A95A-A292C36E45C1"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.5.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5FE986E6-1068-4E1B-8EAB-DF1EAF32B4E3"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Evaluator

Configurations

References