CVE-2013-2237

Bug #1198296 reported by John Johansen on 2013-07-05
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone
linux (Ubuntu) | | Low | Unassigned |
  Precise | | Low | Unassigned |
  Trusty | | Low | Unassigned |
  Utopic | | Low | Unassigned |
  Vivid | | Low | Unassigned |
linux-armadaxp (Ubuntu) | | Low | Unassigned |
  Precise | | Low | Unassigned |
  Trusty | | Low | Unassigned |
  Utopic | | Low | Unassigned |
  Vivid | | Low | Unassigned |
linux-ec2 (Ubuntu) | | Low | Unassigned |
  Precise | | Low | Unassigned |
  Trusty | | Low | Unassigned |
  Utopic | | Low | Unassigned |
  Vivid | | Low | Unassigned |
linux-flo (Ubuntu) | | Low | Unassigned |
  Precise | | Low | Unassigned |
  Trusty | | Low | Unassigned |
  Utopic | | Low | Unassigned |
  Vivid | | Low | Unassigned |
linux-fsl-imx51 (Ubuntu) | | Low | Unassigned |
  Precise | | Low | Unassigned |
  Trusty | | Low | Unassigned |
  Utopic | | Low | Unassigned |
  Vivid | | Low | Unassigned |
linux-goldfish (Ubuntu) | | Low | Unassigned |
  Precise | | Low | Unassigned |
  Trusty | | Low | Unassigned |
  Utopic | | Low | Unassigned |
  Vivid | | Low | Unassigned |
linux-lts-backport-maverick (Ubuntu) | | Undecided | Unassigned |
  Lucid | | Undecided | Unassigned |
  Precise | | Undecided | Unassigned |
  Quantal | | Undecided | Unassigned |
  Raring | | Undecided | Unassigned |
  Saucy | | Undecided | Unassigned |
  Trusty | | Undecided | Unassigned |
  Utopic | | Undecided | Unassigned |
  Vivid | | Undecided | Unassigned |
linux-lts-backport-natty (Ubuntu) | | Undecided | Unassigned |
  Lucid | | Undecided | Unassigned |
  Precise | | Undecided | Unassigned |
  Quantal | | Undecided | Unassigned |
  Raring | | Undecided | Unassigned |
  Saucy | | Undecided | Unassigned |
  Trusty | | Undecided | Unassigned |
  Utopic | | Undecided | Unassigned |
  Vivid | | Undecided | Unassigned |
linux-lts-quantal (Ubuntu) | | Low | Unassigned |
  Precise | | Low | Unassigned |
  Trusty | | Low | Unassigned |
  Utopic | | Low | Unassigned |
  Vivid | | Low | Unassigned |
linux-lts-raring (Ubuntu) | | Low | Unassigned |
  Precise | | Low | Unassigned |
  Trusty | | Low | Unassigned |
  Utopic | | Low | Unassigned |
  Vivid | | Low | Unassigned |
linux-lts-saucy (Ubuntu) | | Low | Unassigned |
  Precise | | Low | Unassigned |
  Trusty | | Low | Unassigned |
  Utopic | | Low | Unassigned |
  Vivid | | Low | Unassigned |
linux-lts-trusty (Ubuntu) | | Low | Unassigned |
  Precise | | Low | Unassigned |
  Trusty | | Low | Unassigned |
  Utopic | | Low | Unassigned |
  Vivid | | Low | Unassigned |
linux-lts-utopic (Ubuntu) | | Low | Unassigned |
  Precise | | Low | Unassigned |
  Trusty | | Low | Unassigned |
  Utopic | | Low | Unassigned |
  Vivid | | Low | Unassigned |
linux-mako (Ubuntu) | | Low | Unassigned |
  Precise | | Low | Unassigned |
  Trusty | | Low | Unassigned |
  Utopic | | Low | Unassigned |
  Vivid | | Low | Unassigned |
linux-manta (Ubuntu) | | Low | Unassigned |
  Precise | | Low | Unassigned |
  Trusty | | Low | Unassigned |
  Utopic | | Low | Unassigned |
  Vivid | | Low | Unassigned |
linux-mvl-dove (Ubuntu) | | Low | Unassigned |
  Precise | | Low | Unassigned |
  Trusty | | Low | Unassigned |
  Utopic | | Low | Unassigned |
  Vivid | | Low | Unassigned |
linux-ti-omap4 (Ubuntu) | | Low | Unassigned |
  Precise | | Low | Unassigned |
  Trusty | | Low | Unassigned |
  Utopic | | Low | Unassigned |
  Vivid | | Low | Unassigned |

Bug Description

The key_notify_policy_flush function in net/key/af_key.c in the Linux kernel before 3.9 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory by reading a broadcast message from the notify_policy interface of an IPSec key_socket.

Break-Fix: - 85dfb745ee40232876663ae206cba35f24ab2a40

John Johansen (jjohansen) wrote :

CVE-2013-2237

tags: added: kernel-cve-tracking-bug
information type: Public → Public Security
Changed in linux-armadaxp (Ubuntu Lucid):
status: New → Invalid
Changed in linux-armadaxp (Ubuntu Saucy):
status: New → Invalid
Changed in linux-armadaxp (Ubuntu Raring):
status: New → Invalid
Changed in linux-ec2 (Ubuntu Precise):
status: New → Invalid
Changed in linux-ec2 (Ubuntu Saucy):
status: New → Invalid
Changed in linux-ec2 (Ubuntu Quantal):
status: New → Invalid
Changed in linux-ec2 (Ubuntu Raring):
status: New → Invalid
Changed in linux-lts-quantal (Ubuntu Lucid):
status: New → Invalid
Changed in linux-lts-quantal (Ubuntu Saucy):
status: New → Invalid
Changed in linux-lts-quantal (Ubuntu Quantal):
status: New → Invalid
Changed in linux-lts-quantal (Ubuntu Raring):
status: New → Invalid
Changed in linux-mvl-dove (Ubuntu Precise):
status: New → Invalid
Changed in linux-mvl-dove (Ubuntu Saucy):
status: New → Invalid
Changed in linux-mvl-dove (Ubuntu Quantal):
status: New → Invalid
Changed in linux-mvl-dove (Ubuntu Raring):
status: New → Invalid
Changed in linux-ti-omap4 (Ubuntu Lucid):
status: New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Precise):
status: New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Saucy):
status: New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Quantal):
status: New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Raring):
status: New → Invalid
Changed in linux-lts-raring (Ubuntu Lucid):
status: New → Invalid
Changed in linux-lts-raring (Ubuntu Saucy):
status: New → Invalid
Changed in linux-lts-raring (Ubuntu Quantal):
status: New → Invalid
Changed in linux-lts-raring (Ubuntu Raring):
status: New → Invalid
description: updated
Changed in linux-armadaxp (Ubuntu Precise):
importance: Undecided → Low
Changed in linux-armadaxp (Ubuntu Lucid):
importance: Undecided → Low
Changed in linux-armadaxp (Ubuntu Saucy):
importance: Undecided → Low
Changed in linux-armadaxp (Ubuntu Quantal):
importance: Undecided → Low
Changed in linux-armadaxp (Ubuntu Raring):
importance: Undecided → Low
Changed in linux-ec2 (Ubuntu Precise):
importance: Undecided → Low
Changed in linux-ec2 (Ubuntu Lucid):
importance: Undecided → Low
Changed in linux-ec2 (Ubuntu Saucy):
importance: Undecided → Low
Changed in linux-ec2 (Ubuntu Quantal):
importance: Undecided → Low
Changed in linux-ec2 (Ubuntu Raring):
importance: Undecided → Low
Changed in linux-lts-quantal (Ubuntu Precise):
importance: Undecided → Low
Changed in linux-lts-quantal (Ubuntu Lucid):
importance: Undecided → Low
Changed in linux-lts-quantal (Ubuntu Saucy):
importance: Undecided → Low
Changed in linux-lts-quantal (Ubuntu Quantal):
importance: Undecided → Low
Changed in linux-lts-quantal (Ubuntu Raring):
importance: Undecided → Low
Changed in linux-mvl-dove (Ubuntu Precise):
importance: Undecided → Low
Changed in linux-mvl-dove (Ubuntu Lucid):
status: New → Invalid
importance: Undecided → Low
Changed in linux-mvl-dove (Ubuntu Saucy):
importance: Undecided → Low
Changed in linux-mvl-dove (Ubuntu Quantal):
importance: Undecided → Low
Changed in linux-mvl-dove (Ubuntu Raring):
importance: Undecided → Low
Changed in linux (Ubuntu Precise):
importance: Undecided → Low
Changed in linux (Ubuntu Lucid):
importance: Undecided → Low
Changed in linux (Ubuntu Saucy):
importance: Undecided → Low
Changed in linux (Ubuntu Quantal):
importance: Undecided → Low
Changed in linux (Ubuntu Raring):
importance: Undecided → Low
Changed in linux-ti-omap4 (Ubuntu Precise):
importance: Undecided → Low
Changed in linux-ti-omap4 (Ubuntu Lucid):
importance: Undecided → Low
Changed in linux-ti-omap4 (Ubuntu Saucy):
importance: Undecided → Low
Changed in linux-ti-omap4 (Ubuntu Quantal):
importance: Undecided → Low
Changed in linux-ti-omap4 (Ubuntu Raring):
importance: Undecided → Low
Changed in linux-fsl-imx51 (Ubuntu Precise):
importance: Undecided → Low
Changed in linux-fsl-imx51 (Ubuntu Lucid):
status: New → Invalid
importance: Undecided → Low
Changed in linux-fsl-imx51 (Ubuntu Saucy):
importance: Undecided → Low
Changed in linux-fsl-imx51 (Ubuntu Quantal):
importance: Undecided → Low
Changed in linux-fsl-imx51 (Ubuntu Raring):
importance: Undecided → Low
Changed in linux-lts-raring (Ubuntu Precise):
importance: Undecided → Low
Changed in linux-lts-raring (Ubuntu Lucid):
importance: Undecided → Low
Changed in linux-lts-raring (Ubuntu Saucy):
importance: Undecided → Low
Changed in linux-lts-raring (Ubuntu Quantal):
importance: Undecided → Low
Changed in linux-lts-raring (Ubuntu Raring):
importance: Undecided → Low
Changed in linux (Ubuntu Saucy):
status: New → Invalid
Changed in linux-lts-backport-natty (Ubuntu Lucid):
status: New → Invalid
Changed in linux-lts-backport-natty (Ubuntu Precise):
status: New → Invalid
Changed in linux-lts-backport-natty (Ubuntu Quantal):
status: New → Invalid
Changed in linux-lts-backport-natty (Ubuntu Raring):
status: New → Invalid
Changed in linux-lts-backport-natty (Ubuntu Saucy):
status: New → Invalid
Changed in linux-lts-backport-maverick (Ubuntu Lucid):
status: New → Invalid
Changed in linux-lts-backport-maverick (Ubuntu Precise):
status: New → Invalid
Changed in linux-lts-backport-maverick (Ubuntu Quantal):
status: New → Invalid
Changed in linux-lts-backport-maverick (Ubuntu Raring):
status: New → Invalid
Changed in linux-lts-backport-maverick (Ubuntu Saucy):
status: New → Invalid
Changed in linux-ec2 (Ubuntu Lucid):
status: New → Fix Committed
Changed in linux (Ubuntu Lucid):
status: New → Fix Committed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux - 2.6.32-50.112

---------------
linux (2.6.32-50.112) lucid; urgency=low

  [Brad Figg]

  * Release Tracking Bug
    - LP: #1199494

  [ Upstream Kernel Changes ]

  * block: do not pass disk names as format strings
    - LP: #1189832
    - CVE-2013-2851
  * drivers/cdrom/cdrom.c: use kzalloc() for failing hardware
    - LP: #1191463
    - CVE-2013-2164
  * ipv6: ip6_sk_dst_check() must not assume ipv6 dst
    - LP: #1198293
    - CVE-2013-2232
  * af_key: fix info leaks in notify messages
    - LP: #1198294
    - CVE-2013-2234
  * af_key: initialize satype in key_notify_policy_flush()
    - LP: #1198296
    - CVE-2013-2237
 -- Brad Figg <email address hidden> Tue, 09 Jul 2013 13:10:40 -0700

Changed in linux (Ubuntu Lucid):
status: Fix Committed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux-ec2 - 2.6.32-355.68

---------------
linux-ec2 (2.6.32-355.68) lucid-proposed; urgency=low

  [ Stefan Bader ]

  * Rebased to Ubuntu-2.6.32-50.112
  * Release Tracking Bug
    - LP: #1199600

  [ Ubuntu: 2.6.32-50.112 ]

  * block: do not pass disk names as format strings
    - LP: #1189832
    - CVE-2013-2851
  * drivers/cdrom/cdrom.c: use kzalloc() for failing hardware
    - LP: #1191463
    - CVE-2013-2164
  * ipv6: ip6_sk_dst_check() must not assume ipv6 dst
    - LP: #1198293
    - CVE-2013-2232
  * af_key: fix info leaks in notify messages
    - LP: #1198294
    - CVE-2013-2234
  * af_key: initialize satype in key_notify_policy_flush()
    - LP: #1198296
    - CVE-2013-2237
 -- Stefan Bader <email address hidden> Wed, 10 Jul 2013 12:39:45 +0200

Changed in linux-ec2 (Ubuntu Lucid):
status: Fix Committed → Fix Released
Changed in linux-armadaxp (Ubuntu Quantal):
status: New → Fix Committed
Changed in linux-lts-quantal (Ubuntu Precise):
status: New → Fix Committed
Changed in linux (Ubuntu Quantal):
status: New → Fix Committed
Changed in linux-ti-omap4 (Ubuntu Saucy):
status: New → Fix Committed
Changed in linux-ti-omap4 (Ubuntu Quantal):
status: New → Fix Committed
Changed in linux-ti-omap4 (Ubuntu Raring):
status: New → Fix Committed
Changed in linux-armadaxp (Ubuntu Quantal):
status: Fix Committed → Fix Released
Changed in linux-lts-quantal (Ubuntu Precise):
status: Fix Committed → Fix Released
Changed in linux (Ubuntu Quantal):
status: Fix Committed → Fix Released
Changed in linux-ti-omap4 (Ubuntu Quantal):
status: Fix Committed → Fix Released
Changed in linux-armadaxp (Ubuntu Precise):
status: New → Fix Committed
Changed in linux (Ubuntu Precise):
status: New → Fix Committed
Changed in linux (Ubuntu Raring):
status: New → Fix Committed
Changed in linux-ti-omap4 (Ubuntu Precise):
status: New → Fix Committed
Changed in linux-lts-raring (Ubuntu Precise):
status: New → Fix Committed
Changed in linux-armadaxp (Ubuntu Precise):
status: Fix Committed → Fix Released
Changed in linux (Ubuntu Precise):
status: Fix Committed → Fix Released
Changed in linux (Ubuntu Raring):
status: Fix Committed → Fix Released
Changed in linux-ti-omap4 (Ubuntu Precise):
status: Fix Committed → Fix Released
Changed in linux-lts-raring (Ubuntu Precise):
status: Fix Committed → Fix Released
Changed in linux-lts-saucy (Ubuntu Precise):
status: New → Invalid
importance: Undecided → Low
Changed in linux-lts-saucy (Ubuntu Saucy):
status: New → Invalid
importance: Undecided → Low
Changed in linux-lts-saucy (Ubuntu Lucid):
status: New → Invalid
importance: Undecided → Low
Changed in linux-lts-saucy (Ubuntu Trusty):
status: New → Invalid
importance: Undecided → Low
Changed in linux-lts-saucy (Ubuntu Quantal):
status: New → Invalid
importance: Undecided → Low
Changed in linux-lts-saucy (Ubuntu Raring):
status: New → Invalid
importance: Undecided → Low
Changed in linux-ti-omap4 (Ubuntu Trusty):
status: Fix Committed → Invalid
Changed in linux-ti-omap4 (Ubuntu Raring):
status: Fix Committed → Won't Fix
Rolf Leggewie (r0lf) wrote :

saucy has seen the end of its life and is no longer receiving any updates. Marking the saucy task for this ticket as "Won't Fix".

Changed in linux-ti-omap4 (Ubuntu Saucy):
status: Fix Committed → Won't Fix
no longer affects: linux-lts-trusty (Ubuntu Quantal)
no longer affects: linux-lts-trusty (Ubuntu Raring)
no longer affects: linux-lts-trusty (Ubuntu Saucy)
no longer affects: linux-armadaxp (Ubuntu Quantal)
no longer affects: linux-armadaxp (Ubuntu Raring)
no longer affects: linux-armadaxp (Ubuntu Saucy)
no longer affects: linux-ec2 (Ubuntu Quantal)
no longer affects: linux-ec2 (Ubuntu Raring)
no longer affects: linux-ec2 (Ubuntu Saucy)
no longer affects: linux-goldfish (Ubuntu Quantal)
no longer affects: linux-goldfish (Ubuntu Raring)
no longer affects: linux-goldfish (Ubuntu Saucy)
no longer affects: linux-lts-saucy (Ubuntu Quantal)
no longer affects: linux-lts-saucy (Ubuntu Raring)
no longer affects: linux-lts-saucy (Ubuntu Saucy)
no longer affects: linux-lts-quantal (Ubuntu Quantal)
no longer affects: linux-lts-quantal (Ubuntu Raring)
no longer affects: linux-lts-quantal (Ubuntu Saucy)
no longer affects: linux-mvl-dove (Ubuntu Quantal)
no longer affects: linux-mvl-dove (Ubuntu Raring)
no longer affects: linux-mvl-dove (Ubuntu Saucy)
no longer affects: linux-ti-omap4 (Ubuntu Quantal)
no longer affects: linux-ti-omap4 (Ubuntu Raring)
no longer affects: linux-ti-omap4 (Ubuntu Saucy)
no longer affects: linux (Ubuntu Quantal)
no longer affects: linux (Ubuntu Raring)
no longer affects: linux (Ubuntu Saucy)
no longer affects: linux-mako (Ubuntu Quantal)
no longer affects: linux-mako (Ubuntu Raring)
no longer affects: linux-mako (Ubuntu Saucy)
no longer affects: linux-fsl-imx51 (Ubuntu Quantal)
no longer affects: linux-fsl-imx51 (Ubuntu Raring)
no longer affects: linux-fsl-imx51 (Ubuntu Saucy)
no longer affects: linux-lts-utopic (Ubuntu Quantal)
no longer affects: linux-lts-utopic (Ubuntu Raring)
no longer affects: linux-lts-utopic (Ubuntu Saucy)
no longer affects: linux-flo (Ubuntu Quantal)
no longer affects: linux-flo (Ubuntu Raring)
no longer affects: linux-flo (Ubuntu Saucy)
no longer affects: linux-lts-raring (Ubuntu Quantal)
no longer affects: linux-lts-raring (Ubuntu Raring)
no longer affects: linux-lts-raring (Ubuntu Saucy)
no longer affects: linux-manta (Ubuntu Quantal)
no longer affects: linux-manta (Ubuntu Raring)
no longer affects: linux-manta (Ubuntu Saucy)
Changed in linux-lts-trusty (Ubuntu Precise):
status: New → Invalid
importance: Undecided → Low
Changed in linux-lts-trusty (Ubuntu Trusty):
status: New → Invalid
importance: Undecided → Low
Changed in linux-lts-trusty (Ubuntu Lucid):
status: New → Invalid
importance: Undecided → Low
Changed in linux-lts-trusty (Ubuntu Vivid):
status: New → Invalid
importance: Undecided → Low
Changed in linux-lts-trusty (Ubuntu Utopic):
status: New → Invalid
importance: Undecided → Low
Changed in linux-lts-quantal (Ubuntu Utopic):
status: New → Invalid
importance: Undecided → Low
Changed in linux (Ubuntu Utopic):
status: New → Invalid
importance: Undecided → Low
Changed in linux-ti-omap4 (Ubuntu Utopic):
status: New → Invalid
importance: Undecided → Low
Changed in linux-lts-raring (Ubuntu Utopic):
status: New → Invalid
importance: Undecided → Low
Changed in linux-armadaxp (Ubuntu Utopic):
status: New → Invalid
importance: Undecided → Low
Changed in linux-mvl-dove (Ubuntu Utopic):
status: New → Invalid
importance: Undecided → Low
Changed in linux-lts-saucy (Ubuntu Utopic):
status: New → Invalid
importance: Undecided → Low
Changed in linux-manta (Ubuntu Precise):
status: New → Invalid
importance: Undecided → Low
Changed in linux-manta (Ubuntu Trusty):
status: New → Invalid
importance: Undecided → Low
Changed in linux-manta (Ubuntu Lucid):
status: New → Invalid
importance: Undecided → Low
Changed in linux-manta (Ubuntu Vivid):
importance: Undecided → Low
Changed in linux-manta (Ubuntu Utopic):
importance: Undecided → Low
Changed in linux-ec2 (Ubuntu Utopic):
status: New → Invalid
importance: Undecided → Low
Changed in linux-mako (Ubuntu Precise):
status: New → Invalid
importance: Undecided → Low
Changed in linux-mako (Ubuntu Trusty):
status: New → Invalid
importance: Undecided → Low
Changed in linux-mako (Ubuntu Lucid):
status: New → Invalid
importance: Undecided → Low
Changed in linux-mako (Ubuntu Vivid):
importance: Undecided → Low
Changed in linux-mako (Ubuntu Utopic):
importance: Undecided → Low
Changed in linux-fsl-imx51 (Ubuntu Utopic):
status: New → Invalid
importance: Undecided → Low
Changed in linux-lts-utopic (Ubuntu Precise):
status: New → Invalid
importance: Undecided → Low
Changed in linux-lts-utopic (Ubuntu Trusty):
status: New → Invalid
importance: Undecided → Low
Changed in linux-lts-utopic (Ubuntu Lucid):
status: New → Invalid
importance: Undecided → Low
Changed in linux-lts-utopic (Ubuntu Vivid):
status: New → Invalid
Changed in linux-lts-utopic (Ubuntu Vivid):
importance: Undecided → Low
Changed in linux-lts-utopic (Ubuntu Utopic):
status: New → Invalid
importance: Undecided → Low
Changed in linux-goldfish (Ubuntu Precise):
status: New → Invalid
importance: Undecided → Low
Changed in linux-goldfish (Ubuntu Trusty):
status: New → Invalid
importance: Undecided → Low
Changed in linux-goldfish (Ubuntu Lucid):
status: New → Invalid
importance: Undecided → Low
Changed in linux-goldfish (Ubuntu Vivid):
status: New → Invalid
importance: Undecided → Low
Changed in linux-goldfish (Ubuntu Utopic):
status: New → Invalid
importance: Undecided → Low
Changed in linux-flo (Ubuntu Precise):
status: New → Invalid
importance: Undecided → Low
Changed in linux-flo (Ubuntu Trusty):
status: New → Invalid
importance: Undecided → Low
Changed in linux-flo (Ubuntu Lucid):
status: New → Invalid
importance: Undecided → Low
Changed in linux-flo (Ubuntu Vivid):
importance: Undecided → Low
Changed in linux-flo (Ubuntu Utopic):
importance: Undecided → Low
no longer affects: linux-lts-trusty (Ubuntu Lucid)
no longer affects: linux-armadaxp (Ubuntu Lucid)
no longer affects: linux-ec2 (Ubuntu Lucid)
no longer affects: linux-goldfish (Ubuntu Lucid)
no longer affects: linux-lts-saucy (Ubuntu Lucid)
no longer affects: linux-lts-quantal (Ubuntu Lucid)
no longer affects: linux-mvl-dove (Ubuntu Lucid)
no longer affects: linux-ti-omap4 (Ubuntu Lucid)
no longer affects: linux (Ubuntu Lucid)
no longer affects: linux-mako (Ubuntu Lucid)
no longer affects: linux-fsl-imx51 (Ubuntu Lucid)
no longer affects: linux-lts-utopic (Ubuntu Lucid)
no longer affects: linux-flo (Ubuntu Lucid)
no longer affects: linux-lts-raring (Ubuntu Lucid)
no longer affects: linux-manta (Ubuntu Lucid)