CVE-2013-4512
Published: 12 November 2013
Buffer overflow in the exitcode_proc_write function in arch/um/kernel/exitcode.c in the Linux kernel before 3.12 allows local users to cause a denial of service or possibly have unspecified other impact by leveraging root privileges for a write operation.
From the Ubuntu security team
A buffer overflow was discovered in exit function for the Linux kernel when used for User Mode Linux. A local user could exploit this flaw to cause a denial of service or possibly gain administrative privileges.
Priority
Status
Package | Release | Status |
---|---|---|
linux Launchpad, Ubuntu, Debian |
lucid |
Ignored
(CVE in User Mode Linux 2.6.32-54.116)
|
precise |
Ignored
(CVE in User Mode Linux)
|
|
quantal |
Ignored
(CVE in User Mode Linux)
|
|
raring |
Ignored
(CVE in User Mode Linux)
|
|
saucy |
Ignored
(CVE in User Mode Linux)
|
|
trusty |
Not vulnerable
(3.12.0-2.5)
|
|
upstream |
Released
(3.12)
|
|
utopic |
Not vulnerable
(3.13.0-24.46)
|
|
linux-armadaxp Launchpad, Ubuntu, Debian |
lucid |
Does not exist
|
precise |
Ignored
(CVE in User Mode Linux)
|
|
quantal |
Ignored
(CVE in User Mode Linux)
|
|
raring |
Does not exist
|
|
saucy |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(3.12)
|
|
utopic |
Does not exist
|
|
linux-ec2 Launchpad, Ubuntu, Debian |
lucid |
Ignored
(CVE in User Mode Linux 2.6.32-359.72)
|
precise |
Does not exist
|
|
quantal |
Does not exist
|
|
raring |
Does not exist
|
|
saucy |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(3.12)
|
|
utopic |
Does not exist
|
|
linux-flo Launchpad, Ubuntu, Debian |
lucid |
Does not exist
|
precise |
Does not exist
|
|
quantal |
Does not exist
|
|
saucy |
Does not exist
|
|
trusty |
Does not exist
(trusty was ignored [was needed now end-of-life])
|
|
upstream |
Released
(3.12)
|
|
utopic |
Ignored
(CVE in User Mode Linux)
|
|
linux-fsl-imx51 Launchpad, Ubuntu, Debian |
lucid |
Ignored
(reached end-of-life, does not affect buildd)
|
precise |
Does not exist
|
|
quantal |
Does not exist
|
|
raring |
Does not exist
|
|
saucy |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(3.12)
|
|
utopic |
Does not exist
|
|
linux-goldfish Launchpad, Ubuntu, Debian |
lucid |
Does not exist
|
precise |
Does not exist
|
|
quantal |
Does not exist
|
|
saucy |
Ignored
|
|
trusty |
Does not exist
(trusty was ignored [was needed now end-of-life])
|
|
upstream |
Released
(3.12)
|
|
utopic |
Ignored
(CVE in User Mode Linux)
|
|
linux-grouper Launchpad, Ubuntu, Debian |
lucid |
Does not exist
|
precise |
Does not exist
|
|
quantal |
Does not exist
|
|
saucy |
Ignored
|
|
trusty |
Does not exist
(trusty was ignored [CVE in User Mode Linux])
|
|
upstream |
Released
(3.12)
|
|
utopic |
Ignored
(CVE in User Mode Linux)
|
|
linux-linaro-omap Launchpad, Ubuntu, Debian |
lucid |
Does not exist
|
precise |
Ignored
(abandoned)
|
|
quantal |
Ignored
(abandoned)
|
|
raring |
Does not exist
|
|
saucy |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(3.12)
|
|
utopic |
Does not exist
|
|
linux-linaro-shared Launchpad, Ubuntu, Debian |
lucid |
Does not exist
|
precise |
Ignored
(abandoned)
|
|
quantal |
Ignored
(abandoned)
|
|
raring |
Does not exist
|
|
saucy |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(3.12)
|
|
utopic |
Does not exist
|
|
linux-linaro-vexpress Launchpad, Ubuntu, Debian |
lucid |
Does not exist
|
precise |
Ignored
(abandoned)
|
|
quantal |
Ignored
(abandoned)
|
|
raring |
Does not exist
|
|
saucy |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(3.12)
|
|
utopic |
Does not exist
|
|
linux-lts-quantal Launchpad, Ubuntu, Debian |
lucid |
Does not exist
|
precise |
Ignored
(CVE in User Mode Linux)
|
|
quantal |
Does not exist
|
|
raring |
Does not exist
|
|
saucy |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(3.12)
|
|
utopic |
Does not exist
|
|
linux-lts-raring Launchpad, Ubuntu, Debian |
lucid |
Does not exist
|
precise |
Ignored
(CVE in User Mode Linux)
|
|
quantal |
Does not exist
|
|
raring |
Does not exist
|
|
saucy |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(3.12)
|
|
utopic |
Does not exist
|
|
linux-lts-saucy Launchpad, Ubuntu, Debian |
lucid |
Does not exist
|
precise |
Ignored
(CVE in User Mode Linux)
|
|
quantal |
Does not exist
|
|
raring |
Does not exist
|
|
saucy |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(3.12)
|
|
utopic |
Does not exist
|
|
linux-lts-trusty Launchpad, Ubuntu, Debian |
lucid |
Does not exist
|
precise |
Not vulnerable
(3.13.0-24.46~precise1)
|
|
saucy |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(3.12)
|
|
utopic |
Does not exist
|
|
linux-maguro Launchpad, Ubuntu, Debian |
lucid |
Does not exist
|
precise |
Does not exist
|
|
quantal |
Does not exist
|
|
saucy |
Ignored
|
|
trusty |
Does not exist
(trusty was ignored [CVE in User Mode Linux])
|
|
upstream |
Released
(3.12)
|
|
utopic |
Ignored
(CVE in User Mode Linux)
|
|
linux-mako Launchpad, Ubuntu, Debian |
lucid |
Does not exist
|
precise |
Does not exist
|
|
quantal |
Does not exist
|
|
saucy |
Ignored
|
|
trusty |
Does not exist
(trusty was ignored [was needed now end-of-life])
|
|
upstream |
Released
(3.12)
|
|
utopic |
Ignored
(CVE in User Mode Linux)
|
|
linux-manta Launchpad, Ubuntu, Debian |
lucid |
Does not exist
|
precise |
Does not exist
|
|
quantal |
Does not exist
|
|
saucy |
Ignored
|
|
trusty |
Does not exist
(trusty was ignored [was needed now end-of-life])
|
|
upstream |
Released
(3.12)
|
|
utopic |
Ignored
(CVE in User Mode Linux)
|
|
linux-mvl-dove Launchpad, Ubuntu, Debian |
lucid |
Ignored
(reached end-of-life)
|
precise |
Does not exist
|
|
quantal |
Does not exist
|
|
raring |
Does not exist
|
|
saucy |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(3.12)
|
|
utopic |
Does not exist
|
|
linux-qcm-msm Launchpad, Ubuntu, Debian |
lucid |
Ignored
(abandoned)
|
precise |
Ignored
(abandoned)
|
|
quantal |
Ignored
(abandoned)
|
|
raring |
Does not exist
|
|
saucy |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(3.12)
|
|
utopic |
Does not exist
|
|
linux-ti-omap4 Launchpad, Ubuntu, Debian |
lucid |
Does not exist
|
precise |
Ignored
(CVE in User Mode Linux)
|
|
quantal |
Ignored
(CVE in User Mode Linux)
|
|
raring |
Ignored
(CVE in User Mode Linux)
|
|
saucy |
Ignored
(CVE in User Mode Linux)
|
|
trusty |
Does not exist
|
|
upstream |
Released
(3.12)
|
|
utopic |
Does not exist
|