CVE 2013-4350
The IPv6 SCTP implementation in net/sctp/ipv6.c in the Linux kernel through 3.11.1 uses data structures and function calls that do not trigger an intended configuration of IPsec encryption, which allows remote attackers to obtain sensitive information by sniffing the network.
Related bugs and status
CVE-2013-4350 (Candidate) is related to these bugs:
Bug #1226497: CVE-2013-4350
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1226497 | CVE-2013-4350 | linux (Ubuntu) | Medium | Invalid | ||
| 1226497 | CVE-2013-4350 | linux-fsl-imx51 (Ubuntu) | Medium | Invalid | ||
| 1226497 | CVE-2013-4350 | linux-mvl-dove (Ubuntu) | Medium | Invalid | ||
| 1226497 | CVE-2013-4350 | linux-lts-backport-maverick (Ubuntu) | Undecided | Won't Fix | ||
| 1226497 | CVE-2013-4350 | linux-lts-backport-natty (Ubuntu) | Undecided | Won't Fix | ||
| 1226497 | CVE-2013-4350 | linux-ti-omap4 (Ubuntu) | Medium | Invalid | ||
| 1226497 | CVE-2013-4350 | linux-ec2 (Ubuntu) | Medium | Invalid | ||
| 1226497 | CVE-2013-4350 | linux-lts-backport-maverick (Ubuntu Saucy) | Undecided | Won't Fix | ||
| 1226497 | CVE-2013-4350 | linux-lts-backport-natty (Ubuntu Saucy) | Undecided | Won't Fix | ||
| 1226497 | CVE-2013-4350 | linux-lts-backport-maverick (Ubuntu Raring) | Undecided | Won't Fix | ||
| 1226497 | CVE-2013-4350 | linux-lts-backport-natty (Ubuntu Raring) | Undecided | Won't Fix | ||
| 1226497 | CVE-2013-4350 | linux-lts-backport-maverick (Ubuntu Quantal) | Undecided | Won't Fix | ||
| 1226497 | CVE-2013-4350 | linux-lts-backport-natty (Ubuntu Quantal) | Undecided | Won't Fix | ||
| 1226497 | CVE-2013-4350 | linux (Ubuntu Precise) | Medium | Fix Released | ||
| 1226497 | CVE-2013-4350 | linux-ec2 (Ubuntu Precise) | Medium | Invalid | ||
| 1226497 | CVE-2013-4350 | linux-fsl-imx51 (Ubuntu Precise) | Medium | Invalid | ||
| 1226497 | CVE-2013-4350 | linux-lts-backport-maverick (Ubuntu Precise) | Undecided | Won't Fix | ||
| 1226497 | CVE-2013-4350 | linux-lts-backport-natty (Ubuntu Precise) | Undecided | Won't Fix | ||
| 1226497 | CVE-2013-4350 | linux-mvl-dove (Ubuntu Precise) | Medium | Invalid | ||
| 1226497 | CVE-2013-4350 | linux-ti-omap4 (Ubuntu Precise) | Medium | Fix Released | ||
| 1226497 | CVE-2013-4350 | linux (Ubuntu Lucid) | Medium | Invalid | ||
| 1226497 | CVE-2013-4350 | linux-ec2 (Ubuntu Lucid) | Medium | Invalid | ||
| 1226497 | CVE-2013-4350 | linux-fsl-imx51 (Ubuntu Lucid) | Medium | Invalid | ||
| 1226497 | CVE-2013-4350 | linux-lts-backport-maverick (Ubuntu Lucid) | Undecided | Won't Fix | ||
| 1226497 | CVE-2013-4350 | linux-lts-backport-natty (Ubuntu Lucid) | Undecided | Won't Fix | ||
| 1226497 | CVE-2013-4350 | linux-mvl-dove (Ubuntu Lucid) | Medium | Invalid | ||
| 1226497 | CVE-2013-4350 | linux-ti-omap4 (Ubuntu Lucid) | Medium | Invalid | ||
| 1226497 | CVE-2013-4350 | linux-armadaxp (Ubuntu) | Medium | Invalid | ||
| 1226497 | CVE-2013-4350 | linux-armadaxp (Ubuntu Lucid) | Medium | Invalid | ||
| 1226497 | CVE-2013-4350 | linux-armadaxp (Ubuntu Precise) | Medium | Fix Released | ||
| 1226497 | CVE-2013-4350 | linux-lts-quantal (Ubuntu) | Medium | Invalid | ||
| 1226497 | CVE-2013-4350 | linux-lts-quantal (Ubuntu Lucid) | Medium | Invalid | ||
| 1226497 | CVE-2013-4350 | linux-lts-quantal (Ubuntu Precise) | Medium | Fix Released | ||
| 1226497 | CVE-2013-4350 | linux-lts-raring (Ubuntu) | Medium | Invalid | ||
| 1226497 | CVE-2013-4350 | linux-lts-raring (Ubuntu Lucid) | Medium | Invalid | ||
| 1226497 | CVE-2013-4350 | linux-lts-raring (Ubuntu Precise) | Medium | Fix Released | ||
| 1226497 | CVE-2013-4350 | linux (Ubuntu Trusty) | Medium | Invalid | ||
| 1226497 | CVE-2013-4350 | linux-armadaxp (Ubuntu Trusty) | Medium | Invalid | ||
| 1226497 | CVE-2013-4350 | linux-ec2 (Ubuntu Trusty) | Medium | Invalid | ||
| 1226497 | CVE-2013-4350 | linux-fsl-imx51 (Ubuntu Trusty) | Medium | Invalid | ||
| 1226497 | CVE-2013-4350 | linux-lts-backport-maverick (Ubuntu Trusty) | Undecided | Won't Fix | ||
| 1226497 | CVE-2013-4350 | linux-lts-backport-natty (Ubuntu Trusty) | Undecided | Won't Fix | ||
| 1226497 | CVE-2013-4350 | linux-lts-quantal (Ubuntu Trusty) | Medium | Invalid | ||
| 1226497 | CVE-2013-4350 | linux-lts-raring (Ubuntu Trusty) | Medium | Invalid | ||
| 1226497 | CVE-2013-4350 | linux-mvl-dove (Ubuntu Trusty) | Medium | Invalid | ||
| 1226497 | CVE-2013-4350 | linux-ti-omap4 (Ubuntu Trusty) | Medium | Invalid | ||
| 1226497 | CVE-2013-4350 | linux-lts-saucy (Ubuntu) | Medium | Invalid | ||
| 1226497 | CVE-2013-4350 | linux-lts-saucy (Ubuntu Lucid) | Medium | Invalid | ||
| 1226497 | CVE-2013-4350 | linux-lts-saucy (Ubuntu Precise) | Medium | Invalid | ||
| 1226497 | CVE-2013-4350 | linux-lts-saucy (Ubuntu Trusty) | Medium | Invalid | ||
| 1226497 | CVE-2013-4350 | linux (Ubuntu Utopic) | Medium | Invalid | ||
| 1226497 | CVE-2013-4350 | linux-armadaxp (Ubuntu Utopic) | Medium | Invalid | ||
| 1226497 | CVE-2013-4350 | linux-ec2 (Ubuntu Utopic) | Medium | Invalid | ||
| 1226497 | CVE-2013-4350 | linux-fsl-imx51 (Ubuntu Utopic) | Medium | Invalid | ||
| 1226497 | CVE-2013-4350 | linux-lts-backport-maverick (Ubuntu Utopic) | Undecided | Won't Fix | ||
| 1226497 | CVE-2013-4350 | linux-lts-backport-natty (Ubuntu Utopic) | Undecided | Won't Fix | ||
| 1226497 | CVE-2013-4350 | linux-lts-quantal (Ubuntu Utopic) | Medium | Invalid | ||
| 1226497 | CVE-2013-4350 | linux-lts-raring (Ubuntu Utopic) | Medium | Invalid | ||
| 1226497 | CVE-2013-4350 | linux-lts-saucy (Ubuntu Utopic) | Medium | Invalid | ||
| 1226497 | CVE-2013-4350 | linux-mvl-dove (Ubuntu Utopic) | Medium | Invalid | ||
| 1226497 | CVE-2013-4350 | linux-ti-omap4 (Ubuntu Utopic) | Medium | Invalid | ||
See the 
CVE page on Mitre.org
for more details.
