Launchpad.net

CVE 2013-2635

The rtnl_fill_ifinfo function in net/core/rtnetlink.c in the Linux kernel before 3.8.4 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.

Related bugs and status

CVE-2013-2635 (Candidate) is related to these bugs:

Bug #1158968: CVE-2013-2635

		In	Importance	Status
1158968	CVE-2013-2635	linux (Ubuntu)	Low	Invalid
1158968	CVE-2013-2635	linux-fsl-imx51 (Ubuntu)	Low	Invalid
1158968	CVE-2013-2635	linux-mvl-dove (Ubuntu)	Low	Invalid
1158968	CVE-2013-2635	linux-lts-backport-maverick (Ubuntu)	Low	Invalid
1158968	CVE-2013-2635	linux-lts-backport-natty (Ubuntu)	Undecided	Invalid
1158968	CVE-2013-2635	linux-ti-omap4 (Ubuntu)	Low	Invalid
1158968	CVE-2013-2635	linux-ec2 (Ubuntu)	Low	Invalid
1158968	CVE-2013-2635	linux-lts-backport-maverick (Ubuntu Raring)	Low	Invalid
1158968	CVE-2013-2635	linux-lts-backport-natty (Ubuntu Raring)	Undecided	Invalid
1158968	CVE-2013-2635	linux-lts-backport-maverick (Ubuntu Quantal)	Low	Invalid
1158968	CVE-2013-2635	linux-lts-backport-natty (Ubuntu Quantal)	Undecided	Invalid
1158968	CVE-2013-2635	linux (Ubuntu Precise)	Low	Fix Released
1158968	CVE-2013-2635	linux-ec2 (Ubuntu Precise)	Low	Invalid
1158968	CVE-2013-2635	linux-fsl-imx51 (Ubuntu Precise)	Low	Invalid
1158968	CVE-2013-2635	linux-lts-backport-maverick (Ubuntu Precise)	Low	Invalid
1158968	CVE-2013-2635	linux-lts-backport-natty (Ubuntu Precise)	Undecided	Invalid
1158968	CVE-2013-2635	linux-mvl-dove (Ubuntu Precise)	Low	Invalid
1158968	CVE-2013-2635	linux-ti-omap4 (Ubuntu Precise)	Low	Fix Released
1158968	CVE-2013-2635	linux-lts-backport-maverick (Ubuntu Lucid)	Low	Invalid
1158968	CVE-2013-2635	linux-lts-backport-natty (Ubuntu Lucid)	Undecided	Won't Fix
1158968	CVE-2013-2635	linux-armadaxp (Ubuntu)	Low	Invalid
1158968	CVE-2013-2635	linux-armadaxp (Ubuntu Precise)	Low	Fix Released
1158968	CVE-2013-2635	linux-lts-backport-oneiric (Ubuntu)	Low	Invalid
1158968	CVE-2013-2635	linux-lts-backport-oneiric (Ubuntu Lucid)	Low	Won't Fix
1158968	CVE-2013-2635	linux-lts-backport-oneiric (Ubuntu Precise)	Low	Invalid
1158968	CVE-2013-2635	linux-lts-backport-oneiric (Ubuntu Quantal)	Low	Invalid
1158968	CVE-2013-2635	linux-lts-backport-oneiric (Ubuntu Raring)	Low	Invalid
1158968	CVE-2013-2635	linux-lts-quantal (Ubuntu)	Low	Invalid
1158968	CVE-2013-2635	linux-lts-quantal (Ubuntu Precise)	Low	Fix Released
1158968	CVE-2013-2635	linux-lts-backport-maverick (Ubuntu Saucy)	Low	Invalid
1158968	CVE-2013-2635	linux-lts-backport-natty (Ubuntu Saucy)	Undecided	Invalid
1158968	CVE-2013-2635	linux-lts-backport-oneiric (Ubuntu Saucy)	Low	Invalid
1158968	CVE-2013-2635	linux-lts-raring (Ubuntu)	Low	Invalid
1158968	CVE-2013-2635	linux-lts-raring (Ubuntu Precise)	Low	Invalid
1158968	CVE-2013-2635	linux-lts-trusty (Ubuntu)	Low	Invalid
1158968	CVE-2013-2635	linux-lts-trusty (Ubuntu Precise)	Low	Invalid
1158968	CVE-2013-2635	linux (Ubuntu Trusty)	Low	Invalid
1158968	CVE-2013-2635	linux-armadaxp (Ubuntu Trusty)	Low	Invalid
1158968	CVE-2013-2635	linux-ec2 (Ubuntu Trusty)	Low	Invalid
1158968	CVE-2013-2635	linux-fsl-imx51 (Ubuntu Trusty)	Low	Invalid
1158968	CVE-2013-2635	linux-lts-backport-maverick (Ubuntu Trusty)	Undecided	New
1158968	CVE-2013-2635	linux-lts-backport-natty (Ubuntu Trusty)	Undecided	New
1158968	CVE-2013-2635	linux-lts-backport-oneiric (Ubuntu Trusty)	Undecided	New
1158968	CVE-2013-2635	linux-lts-quantal (Ubuntu Trusty)	Low	Invalid
1158968	CVE-2013-2635	linux-lts-raring (Ubuntu Trusty)	Low	Invalid
1158968	CVE-2013-2635	linux-lts-trusty (Ubuntu Trusty)	Low	Invalid
1158968	CVE-2013-2635	linux-mvl-dove (Ubuntu Trusty)	Low	Invalid
1158968	CVE-2013-2635	linux-ti-omap4 (Ubuntu Trusty)	Low	Invalid
1158968	CVE-2013-2635	linux-lts-backport-maverick (Ubuntu Utopic)	Undecided	Won't Fix
1158968	CVE-2013-2635	linux-lts-backport-natty (Ubuntu Utopic)	Undecided	Won't Fix
1158968	CVE-2013-2635	linux-lts-backport-oneiric (Ubuntu Utopic)	Undecided	Won't Fix
1158968	CVE-2013-2635	linux (Ubuntu Vivid)	Low	Invalid
1158968	CVE-2013-2635	linux-armadaxp (Ubuntu Vivid)	Low	Invalid
1158968	CVE-2013-2635	linux-ec2 (Ubuntu Vivid)	Low	Invalid
1158968	CVE-2013-2635	linux-fsl-imx51 (Ubuntu Vivid)	Low	Invalid
1158968	CVE-2013-2635	linux-lts-backport-maverick (Ubuntu Vivid)	Low	Invalid
1158968	CVE-2013-2635	linux-lts-backport-natty (Ubuntu Vivid)	Undecided	Invalid
1158968	CVE-2013-2635	linux-lts-backport-oneiric (Ubuntu Vivid)	Low	Invalid
1158968	CVE-2013-2635	linux-lts-quantal (Ubuntu Vivid)	Low	Invalid
1158968	CVE-2013-2635	linux-lts-raring (Ubuntu Vivid)	Low	Invalid
1158968	CVE-2013-2635	linux-lts-trusty (Ubuntu Vivid)	Low	Invalid
1158968	CVE-2013-2635	linux-mvl-dove (Ubuntu Vivid)	Low	Invalid
1158968	CVE-2013-2635	linux-ti-omap4 (Ubuntu Vivid)	Low	Invalid
1158968	CVE-2013-2635	linux-goldfish (Ubuntu)	Low	Invalid
1158968	CVE-2013-2635	linux-goldfish (Ubuntu Precise)	Low	Invalid
1158968	CVE-2013-2635	linux-goldfish (Ubuntu Trusty)	Low	Invalid
1158968	CVE-2013-2635	linux-goldfish (Ubuntu Vivid)	Low	Invalid
1158968	CVE-2013-2635	linux-lts-saucy (Ubuntu)	Undecided	New
1158968	CVE-2013-2635	linux-lts-saucy (Ubuntu Precise)	Undecided	Won't Fix
1158968	CVE-2013-2635	linux-lts-saucy (Ubuntu Trusty)	Undecided	New
1158968	CVE-2013-2635	linux-lts-saucy (Ubuntu Vivid)	Undecided	New
1158968	CVE-2013-2635	linux-flo (Ubuntu)	Low	New
1158968	CVE-2013-2635	linux-flo (Ubuntu Precise)	Low	Invalid
1158968	CVE-2013-2635	linux-flo (Ubuntu Trusty)	Low	Invalid
1158968	CVE-2013-2635	linux-flo (Ubuntu Vivid)	Low	New

Bug #1175091: Cable Ethernet conn. "die" with Atheros Network Card in Ubuntu 13.04

		In	Importance	Status
1175091	Cable Ethernet conn. "die" with Atheros Network Card in Ubuntu 13.04	network-manager (Ubuntu)	Undecided	Fix Released
1175091	Cable Ethernet conn. "die" with Atheros Network Card in Ubuntu 13.04	Fedora	Medium	Invalid
1175091	Cable Ethernet conn. "die" with Atheros Network Card in Ubuntu 13.04	openSUSE	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2013-2635

Related bugs and status

Related bugs

References