CVE-2013-3236 : The vmci_transport_dgram_dequeue function in net/vmw_vsock/vmci

The vmci_transport_dgram_dequeue function in net/vmw_vsock/vmci_transport.c in the Linux kernel before 3.9-rc7 does not properly initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call.

Published 2013-04-22 11:41:02

Updated 2025-04-11 00:51:22

Source MITRE

View at NVD, CVE.org

Products affected by CVE-2013-3236

Linux » Linux Kernel » Update RC6
Versions up to, including, (<=) 3.9
cpe:2.3:o:linux:linux_kernel:*:rc6:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 3.9 Update RC3
cpe:2.3:o:linux:linux_kernel:3.9:rc3:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 3.9 Update RC2
cpe:2.3:o:linux:linux_kernel:3.9:rc2:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 3.9 Update RC4
cpe:2.3:o:linux:linux_kernel:3.9:rc4:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 3.9 Update RC1
cpe:2.3:o:linux:linux_kernel:3.9:rc1:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 3.9 Update RC5
cpe:2.3:o:linux:linux_kernel:3.9:rc5:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2013-3236

EPSS FAQ

0.05%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 14 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2013-3236

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
4.9	MEDIUM	AV:L/AC:L/Au:N/C:C/I:N/A:N	3.9	6.9	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: None Availability Impact: None

CWE ids for CVE-2013-3236

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2013-3236

http://xforce.iss.net/xforce/xfdb/83698
http://www.securityfocus.com/bid/59391
http://www.openwall.com/lists/oss-security/2013/04/22/3
http://www.openwall.com/lists/oss-security/2013/04/23/2
https://lkml.org/lkml/2013/4/14/107

LKML: Linus Torvalds: Linux 3.9-rc7
Vendor Advisory

CVEs referencing this url
https://github.com/torvalds/linux/commit/680d04e0ba7e926233e3b9cee59125ce181f66ba

VSOCK: vmci - fix possible info leak in vmci_transport_dgram_dequeue() · torvalds/linux@680d04e · GitHub
Vendor Advisory
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=680d04e0ba7e926233e3b9cee59125ce181f66ba

kernel/git/torvalds/linux.git - Linux kernel source tree
Vendor Advisory
http://www.openwall.com/lists/oss-security/2013/04/22/11
http://www.openwall.com/lists/oss-security/2013/04/22/13
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=680d04e0ba7e926233e3b9cee59125ce181f66ba
http://www.openwall.com/lists/oss-security/2013/04/14/3

oss-security - Linux kernel: more net info leak fixes for v3.9

CVEs referencing this url
http://www.openwall.com/lists/oss-security/2013/04/22/14

Jump to

Vulnerability Details : CVE-2013-3236

Products affected by CVE-2013-3236

Exploit prediction scoring system (EPSS) score for CVE-2013-3236

CVSS scores for CVE-2013-3236

CWE ids for CVE-2013-3236

References for CVE-2013-3236