Vulnerability Details : CVE-2013-3237
The vsock_stream_sendmsg function in net/vmw_vsock/af_vsock.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call.
Vulnerability category: Information leak
Products affected by CVE-2013-3237
- cpe:2.3:o:linux:linux_kernel:*:rc6:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:3.9:rc3:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:3.9:rc2:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:3.9:rc4:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:3.9:rc1:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:3.9:rc5:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2013-3237
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 6 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2013-3237
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
4.9
|
MEDIUM | AV:L/AC:L/Au:N/C:C/I:N/A:N |
3.9
|
6.9
|
NIST |
CWE ids for CVE-2013-3237
-
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.Assigned by: nvd@nist.gov (Primary)
References for CVE-2013-3237
-
https://lkml.org/lkml/2013/4/14/107
LKML: Linus Torvalds: Linux 3.9-rc7Vendor Advisory
-
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=d5e0d0f607a7a029c6563a0470d88255c89a8d11
kernel/git/torvalds/linux.git - Linux kernel source treeVendor Advisory
-
http://www.openwall.com/lists/oss-security/2013/04/14/3
oss-security - Linux kernel: more net info leak fixes for v3.9
-
https://github.com/torvalds/linux/commit/d5e0d0f607a7a029c6563a0470d88255c89a8d11
VSOCK: Fix missing msg_namelen update in vsock_stream_recvmsg() · torvalds/linux@d5e0d0f · GitHubVendor Advisory
Jump to