CVE-2013-4515

Published: 12 November 2013

The bcm_char_ioctl function in drivers/staging/bcm/Bcmchar.c in the Linux kernel before 3.12 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory via an IOCTL_BCM_GET_DEVICE_DRIVER_INFO ioctl call.

From the Ubuntu security team

Nico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's driver for Beceem WIMAX chipset based devices. An unprivileged local user could exploit this flaw to obtain sensitive information from kernel memory.

Status

References

• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4515
• https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8d1e72250c847fa96498ec029891de4dc638a5ba
• https://ubuntu.com/security/notices/USN-2066-1
• https://ubuntu.com/security/notices/USN-2067-1
• https://ubuntu.com/security/notices/USN-2068-1
• https://ubuntu.com/security/notices/USN-2069-1
• https://ubuntu.com/security/notices/USN-2070-1
• https://ubuntu.com/security/notices/USN-2071-1
• https://ubuntu.com/security/notices/USN-2072-1
• https://ubuntu.com/security/notices/USN-2073-1
• https://ubuntu.com/security/notices/USN-2074-1
• https://ubuntu.com/security/notices/USN-2075-1
• https://ubuntu.com/security/notices/USN-2076-1
• NVD
• Launchpad
• Debian

Bugs

• https://launchpad.net/bugs/1249276