CVE-2013-1828 in Linuxالمعلومات

الملخص

بحسب MITRE

The sctp_getsockopt_assoc_stats function in net/sctp/socket.c in the Linux kernel before 3.8.4 does not validate a size value before proceeding to a copy_from_user operation, which allows local users to gain privileges via a crafted application that contains an SCTP_GET_ASSOC_STATS getsockopt system call.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

حجز

19/02/2013

إفشاء

22/03/2013

الاعتدال

تمت الموافقة

إدخال

VDB-7938

استغلال

تحميل

EPSS

0.01014

KEV

لا

النشاطات

منخفض جدًا

المصادر

Do you need the next level of professionalism?

Upgrade your account now!