Launchpad.net

CVE 2013-3236

The vmci_transport_dgram_dequeue function in net/vmw_vsock/vmci_transport.c in the Linux kernel before 3.9-rc7 does not properly initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call.

Related bugs and status

CVE-2013-3236 (Candidate) is related to these bugs:

Bug #1172405: CVE-2013-3236

		In	Importance	Status
1172405	CVE-2013-3236	linux (Ubuntu)	Low	Invalid
1172405	CVE-2013-3236	linux-fsl-imx51 (Ubuntu)	Low	Invalid
1172405	CVE-2013-3236	linux-mvl-dove (Ubuntu)	Low	Invalid
1172405	CVE-2013-3236	linux-lts-backport-maverick (Ubuntu)	Low	Invalid
1172405	CVE-2013-3236	linux-lts-backport-natty (Ubuntu)	Undecided	Invalid
1172405	CVE-2013-3236	linux-ti-omap4 (Ubuntu)	Low	Fix Committed
1172405	CVE-2013-3236	linux-ec2 (Ubuntu)	Low	Invalid
1172405	CVE-2013-3236	linux (Ubuntu Raring)	Low	Invalid
1172405	CVE-2013-3236	linux-ec2 (Ubuntu Raring)	Low	Invalid
1172405	CVE-2013-3236	linux-fsl-imx51 (Ubuntu Raring)	Low	Invalid
1172405	CVE-2013-3236	linux-lts-backport-maverick (Ubuntu Raring)	Low	Invalid
1172405	CVE-2013-3236	linux-lts-backport-natty (Ubuntu Raring)	Undecided	Invalid
1172405	CVE-2013-3236	linux-mvl-dove (Ubuntu Raring)	Low	Invalid
1172405	CVE-2013-3236	linux-ti-omap4 (Ubuntu Raring)	Low	Invalid
1172405	CVE-2013-3236	linux (Ubuntu Quantal)	Low	Invalid
1172405	CVE-2013-3236	linux-ec2 (Ubuntu Quantal)	Low	Invalid
1172405	CVE-2013-3236	linux-fsl-imx51 (Ubuntu Quantal)	Low	Invalid
1172405	CVE-2013-3236	linux-lts-backport-maverick (Ubuntu Quantal)	Low	Invalid
1172405	CVE-2013-3236	linux-lts-backport-natty (Ubuntu Quantal)	Undecided	Invalid
1172405	CVE-2013-3236	linux-mvl-dove (Ubuntu Quantal)	Low	Invalid
1172405	CVE-2013-3236	linux-ti-omap4 (Ubuntu Quantal)	Low	Invalid
1172405	CVE-2013-3236	linux (Ubuntu Precise)	Low	Invalid
1172405	CVE-2013-3236	linux-ec2 (Ubuntu Precise)	Low	Invalid
1172405	CVE-2013-3236	linux-fsl-imx51 (Ubuntu Precise)	Low	Invalid
1172405	CVE-2013-3236	linux-lts-backport-maverick (Ubuntu Precise)	Low	Invalid
1172405	CVE-2013-3236	linux-lts-backport-natty (Ubuntu Precise)	Undecided	Invalid
1172405	CVE-2013-3236	linux-mvl-dove (Ubuntu Precise)	Low	Invalid
1172405	CVE-2013-3236	linux-ti-omap4 (Ubuntu Precise)	Low	Invalid
1172405	CVE-2013-3236	linux (Ubuntu Lucid)	Low	Invalid
1172405	CVE-2013-3236	linux-ec2 (Ubuntu Lucid)	Low	Invalid
1172405	CVE-2013-3236	linux-fsl-imx51 (Ubuntu Lucid)	Low	Invalid
1172405	CVE-2013-3236	linux-lts-backport-maverick (Ubuntu Lucid)	Low	Invalid
1172405	CVE-2013-3236	linux-lts-backport-natty (Ubuntu Lucid)	Undecided	Won't Fix
1172405	CVE-2013-3236	linux-mvl-dove (Ubuntu Lucid)	Low	Invalid
1172405	CVE-2013-3236	linux-ti-omap4 (Ubuntu Lucid)	Low	Invalid
1172405	CVE-2013-3236	linux-armadaxp (Ubuntu)	Low	Invalid
1172405	CVE-2013-3236	linux-armadaxp (Ubuntu Lucid)	Low	Invalid
1172405	CVE-2013-3236	linux-armadaxp (Ubuntu Precise)	Low	Invalid
1172405	CVE-2013-3236	linux-armadaxp (Ubuntu Quantal)	Low	Invalid
1172405	CVE-2013-3236	linux-armadaxp (Ubuntu Raring)	Low	Invalid
1172405	CVE-2013-3236	linux-lts-backport-oneiric (Ubuntu)	Low	Invalid
1172405	CVE-2013-3236	linux-lts-backport-oneiric (Ubuntu Lucid)	Low	Invalid
1172405	CVE-2013-3236	linux-lts-backport-oneiric (Ubuntu Precise)	Low	Invalid
1172405	CVE-2013-3236	linux-lts-backport-oneiric (Ubuntu Quantal)	Low	Invalid
1172405	CVE-2013-3236	linux-lts-backport-oneiric (Ubuntu Raring)	Low	Invalid
1172405	CVE-2013-3236	linux-lts-quantal (Ubuntu)	Low	Invalid
1172405	CVE-2013-3236	linux-lts-quantal (Ubuntu Lucid)	Low	Invalid
1172405	CVE-2013-3236	linux-lts-quantal (Ubuntu Precise)	Low	Invalid
1172405	CVE-2013-3236	linux-lts-quantal (Ubuntu Quantal)	Low	Invalid
1172405	CVE-2013-3236	linux-lts-quantal (Ubuntu Raring)	Low	Invalid
1172405	CVE-2013-3236	linux (Ubuntu Saucy)	Low	Invalid
1172405	CVE-2013-3236	linux-armadaxp (Ubuntu Saucy)	Low	Invalid
1172405	CVE-2013-3236	linux-ec2 (Ubuntu Saucy)	Low	Invalid
1172405	CVE-2013-3236	linux-fsl-imx51 (Ubuntu Saucy)	Low	Invalid
1172405	CVE-2013-3236	linux-lts-backport-maverick (Ubuntu Saucy)	Low	Invalid
1172405	CVE-2013-3236	linux-lts-backport-natty (Ubuntu Saucy)	Undecided	Invalid
1172405	CVE-2013-3236	linux-lts-backport-oneiric (Ubuntu Saucy)	Low	Invalid
1172405	CVE-2013-3236	linux-lts-quantal (Ubuntu Saucy)	Low	Invalid
1172405	CVE-2013-3236	linux-mvl-dove (Ubuntu Saucy)	Low	Invalid
1172405	CVE-2013-3236	linux-ti-omap4 (Ubuntu Saucy)	Low	Won't Fix
1172405	CVE-2013-3236	linux-lts-raring (Ubuntu)	Low	Invalid
1172405	CVE-2013-3236	linux-lts-raring (Ubuntu Lucid)	Low	Invalid
1172405	CVE-2013-3236	linux-lts-raring (Ubuntu Precise)	Low	Invalid
1172405	CVE-2013-3236	linux-lts-raring (Ubuntu Quantal)	Low	Invalid
1172405	CVE-2013-3236	linux-lts-raring (Ubuntu Raring)	Low	Invalid
1172405	CVE-2013-3236	linux-lts-raring (Ubuntu Saucy)	Low	Invalid

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2013-3236

Related bugs and status

Related bugs

References