CVE-2013-1828 in Kernelinfo

Zusammenfassung (Englisch)

The sctp_getsockopt_assoc_stats function in net/sctp/socket.c in the Linux kernel before 3.8.4 does not validate a size value before proceeding to a copy_from_user operation, which allows local users to gain privileges via a crafted application that contains an SCTP_GET_ASSOC_STATS getsockopt system call.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Reservieren

19.02.2013

Veröffentlichung

22.03.2013

Status

Bestätigt

Einträge

VulDB provides additional information and datapoints for this CVE:

ID	Schwachstelle	CWE	Aus	Mas	CVE
7938	Linux Kernel sctp_getsockopt_assoc_stats erweiterte Rechte	20	Proof-of-Concept	Offizieller Fix	CVE-2013-1828

Beschreibung

CPE

CWE

CVSS

Exploits

History

Diff

Verknüpfen

Threat Intelligence

API JSON

API XML

API CSV

Quellen

MITRE
NVD
CVE Details

◂ ZurückÜbersichtWeiter ▸

Want to know what is going to be exploited?

We predict KEV entries!