CVE-2013-7263

Published: 06 January 2014

The Linux kernel before 3.12.4 updates certain length values before ensuring that associated data structures have been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call, related to net/ipv4/ping.c, net/ipv4/raw.c, net/ipv4/udp.c, net/ipv6/raw.c, and net/ipv6/udp.c.

From the Ubuntu security team

mpd reported an information leak in the recvfrom, recvmmsg, and recvmsg system calls in the Linux kernel. An unprivileged local user could exploit this flaw to obtain sensitive information from kernel stack memory.

Status

References

• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7263
• https://github.com/torvalds/linux/commit/bceaa90240b6019ed73b49965eac7d167610be69
• https://bugzilla.redhat.com/show_bug.cgi?id=1035875
• http://www.openwall.com/lists/oss-security/2013/11/28/13
• http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.4
• http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=bceaa90240b6019ed73b49965eac7d167610be69
• https://ubuntu.com/security/notices/USN-2107-1
• https://ubuntu.com/security/notices/USN-2108-1
• https://ubuntu.com/security/notices/USN-2109-1
• https://ubuntu.com/security/notices/USN-2110-1
• https://ubuntu.com/security/notices/USN-2113-1
• https://ubuntu.com/security/notices/USN-2117-1
• https://ubuntu.com/security/notices/USN-2135-1
• https://ubuntu.com/security/notices/USN-2136-1
• https://ubuntu.com/security/notices/USN-2138-1
• https://ubuntu.com/security/notices/USN-2139-1
• https://ubuntu.com/security/notices/USN-2141-1
• NVD
• Launchpad
• Debian

Bugs

• https://launchpad.net/bugs/1267075