Your submission was sent successfully! Close

CVE-2013-4588

Published: 20 November 2013

Multiple stack-based buffer overflows in net/netfilter/ipvs/ip_vs_ctl.c in the Linux kernel before 2.6.33, when CONFIG_IP_VS is used, allow local users to gain privileges by leveraging the CAP_NET_ADMIN capability for (1) a getsockopt system call, related to the do_ip_vs_get_ctl function, or (2) a setsockopt system call, related to the do_ip_vs_set_ctl function. A user/program with CAP_NET_ADMIN privileges could use this flaw to further escalate their privileges on a system.

From the Ubuntu security team

A flaw was discovered in the Linux kernel's IP Virtual Server (IP_VS) support. A local user with the CAP_NET_ADMIN capability could exploit this flaw to gain additional administrative privileges.

Priority

Medium

CVSS 3 base score: 7.0

Status

Package Release Status
linux
Launchpad, Ubuntu, Debian
lucid
Released (2.6.32-55.117)
precise Not vulnerable
(3.1.0-1.1)
quantal Not vulnerable
(3.4.0-1.1)
raring Not vulnerable
(3.7.0-0.5)
saucy Not vulnerable
(3.9.0-0.2)
upstream
Released (2.6.33~rc4)
Patches:
Introduced by

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Fixed by 04bcef2a83f40c6db24222b27a52892cba39dffb
linux-armadaxp
Launchpad, Ubuntu, Debian
lucid Does not exist

precise Not vulnerable
(3.2.0-1600.1)
quantal Not vulnerable
(3.2.0-1602.5)
raring Does not exist

saucy Does not exist

upstream
Released (2.6.33~rc4)
This package is not directly supported by the Ubuntu Security Team
linux-ec2
Launchpad, Ubuntu, Debian
lucid
Released (2.6.32-360.73)
precise Does not exist

quantal Does not exist

raring Does not exist

saucy Does not exist

upstream
Released (2.6.33~rc4)
linux-fsl-imx51
Launchpad, Ubuntu, Debian
lucid Ignored
(reached end-of-life, does not affect buildd)
precise Does not exist

quantal Does not exist

raring Does not exist

saucy Does not exist

upstream
Released (2.6.33~rc4)
linux-linaro-omap
Launchpad, Ubuntu, Debian
lucid Does not exist

precise Ignored
(abandoned)
quantal Ignored
(abandoned)
raring Does not exist

saucy Does not exist

upstream
Released (2.6.33~rc4)
linux-linaro-shared
Launchpad, Ubuntu, Debian
lucid Does not exist

precise Ignored
(abandoned)
quantal Ignored
(abandoned)
raring Does not exist

saucy Does not exist

upstream
Released (2.6.33~rc4)
linux-linaro-vexpress
Launchpad, Ubuntu, Debian
lucid Does not exist

precise Ignored
(abandoned)
quantal Ignored
(abandoned)
raring Does not exist

saucy Does not exist

upstream
Released (2.6.33~rc4)
linux-lts-quantal
Launchpad, Ubuntu, Debian
lucid Does not exist

precise Not vulnerable
(3.5.0-18.29~precise1)
quantal Does not exist

raring Does not exist

saucy Does not exist

upstream
Released (2.6.33~rc4)
linux-lts-raring
Launchpad, Ubuntu, Debian
lucid Does not exist

precise Not vulnerable
(3.8.0-19.30~precise1)
quantal Does not exist

raring Does not exist

saucy Does not exist

upstream
Released (2.6.33~rc4)
linux-lts-saucy
Launchpad, Ubuntu, Debian
lucid Does not exist

precise Not vulnerable
(3.11.0-13.20~precise2)
quantal Does not exist

raring Does not exist

saucy Does not exist

upstream
Released (2.6.33~rc4)
linux-mvl-dove
Launchpad, Ubuntu, Debian
lucid Ignored
(reached end-of-life)
precise Does not exist

quantal Does not exist

raring Does not exist

saucy Does not exist

upstream
Released (2.6.33~rc4)
linux-qcm-msm
Launchpad, Ubuntu, Debian
lucid Ignored
(abandoned)
precise Ignored
(abandoned)
quantal Ignored
(abandoned)
raring Does not exist

saucy Does not exist

upstream
Released (2.6.33~rc4)
linux-ti-omap4
Launchpad, Ubuntu, Debian
lucid Does not exist

precise Not vulnerable
(3.0.0-1401.2)
quantal Not vulnerable
(3.4.0-201.2)
raring Not vulnerable
(3.5.0-213.20)
saucy Not vulnerable
(3.5.0-223.34)
upstream
Released (2.6.33~rc4)