CVE-2013-2224
Publication date 4 July 2013
Last updated 24 July 2024
Ubuntu priority
A certain Red Hat patch for the Linux kernel 2.6.32 on Red Hat Enterprise Linux (RHEL) 6 allows local users to cause a denial of service (invalid free operation and system crash) or possibly gain privileges via a sendmsg system call with the IP_RETOPTS option, as demonstrated by hemlock.c. NOTE: this vulnerability exists because of an incorrect fix for CVE-2012-3552.
Status
Package | Ubuntu Release | Status |
---|---|---|
linux | 13.04 raring | Not affected |
linux | 12.10 quantal | Not affected |
linux | 12.04 LTS precise | Not affected |
linux | 10.04 LTS lucid | Not affected |
linux-armadaxp | 13.04 raring | Not in release |
linux-armadaxp | 12.10 quantal | Not affected |
linux-armadaxp | 12.04 LTS precise | Not affected |
linux-armadaxp | 10.04 LTS lucid | Not in release |
linux-ec2 | 13.04 raring | Not in release |
linux-ec2 | 12.10 quantal | Not in release |
linux-ec2 | 12.04 LTS precise | Not in release |
linux-ec2 | 10.04 LTS lucid | Not affected |
linux-fsl-imx51 | 13.04 raring | Not in release |
linux-fsl-imx51 | 12.10 quantal | Not in release |
linux-fsl-imx51 | 12.04 LTS precise | Not in release |
linux-fsl-imx51 | 10.04 LTS lucid | Ignored end of life |
linux-linaro-omap | 13.04 raring | Not in release |
linux-linaro-omap | 12.10 quantal | Ignored end of life |
linux-linaro-omap | 12.04 LTS precise | Ignored end of life |
linux-linaro-omap | 10.04 LTS lucid | Not in release |
linux-linaro-shared | 13.04 raring | Not in release |
linux-linaro-shared | 12.10 quantal | Ignored end of life |
linux-linaro-shared | 12.04 LTS precise | Ignored end of life |
linux-linaro-shared | 10.04 LTS lucid | Not in release |
linux-linaro-vexpress | 13.04 raring | Not in release |
linux-linaro-vexpress | 12.10 quantal | Ignored end of life |
linux-linaro-vexpress | 12.04 LTS precise | Ignored end of life |
linux-linaro-vexpress | 10.04 LTS lucid | Not in release |
linux-lts-backport-maverick | 13.04 raring | Not in release |
linux-lts-backport-maverick | 12.10 quantal | Not in release |
linux-lts-backport-maverick | 12.04 LTS precise | Not in release |
linux-lts-backport-maverick | 10.04 LTS lucid | Ignored end of life |
linux-lts-quantal | 13.04 raring | Not in release |
linux-lts-quantal | 12.10 quantal | Not in release |
linux-lts-quantal | 12.04 LTS precise | Not affected |
linux-lts-quantal | 10.04 LTS lucid | Not in release |
linux-lts-raring | 13.04 raring | Not in release |
linux-lts-raring | 12.10 quantal | Not in release |
linux-lts-raring | 12.04 LTS precise | Not affected |
linux-lts-raring | 10.04 LTS lucid | Not in release |
linux-mvl-dove | 13.04 raring | Not in release |
linux-mvl-dove | 12.10 quantal | Not in release |
linux-mvl-dove | 12.04 LTS precise | Not in release |
linux-mvl-dove | 10.04 LTS lucid | Ignored end of life |
linux-qcm-msm | 13.04 raring | Not in release |
linux-qcm-msm | 12.10 quantal | Ignored end of life |
linux-qcm-msm | 12.04 LTS precise | Ignored end of life |
linux-qcm-msm | 10.04 LTS lucid | Ignored end of life |
linux-ti-omap4 | 13.04 raring | Not affected |
linux-ti-omap4 | 12.10 quantal | Not affected |
linux-ti-omap4 | 12.04 LTS precise | Not affected |
linux-ti-omap4 | 10.04 LTS lucid | Not in release |
Notes
seth-arnold
Unprivileged user kernel crash demonstrated; code execution neither confirmed nor denied.
henrix
This is a Red Hat-specific bug introduced by their CVE-2012-3552 fix. This was a backport of upstream f6d8bd051c391c1c0458a30b2a7abcd939329259. Only Lucid contains a backport of this commit (all the other Ubuntu kernels include the upstream commit) and the Lucid backport is quite different from the RH one (it was picked from upstream 3.2, which picked it from Debian).