4.9

CVE-2013-0290

The __skb_recv_datagram function in net/core/datagram.c in the Linux kernel before 3.8 does not properly handle the MSG_PEEK flag with zero-length data, which allows local users to cause a denial of service (infinite loop and system hang) via a crafted application.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version <= 3.7.9
LinuxLinux Kernel Version3.0 Updaterc1
LinuxLinux Kernel Version3.0 Updaterc2
LinuxLinux Kernel Version3.0 Updaterc3
LinuxLinux Kernel Version3.0 Updaterc4
LinuxLinux Kernel Version3.0 Updaterc5
LinuxLinux Kernel Version3.0 Updaterc6
LinuxLinux Kernel Version3.0 Updaterc7
LinuxLinux Kernel Version3.0.1
LinuxLinux Kernel Version3.0.2
LinuxLinux Kernel Version3.0.3
LinuxLinux Kernel Version3.0.4
LinuxLinux Kernel Version3.0.5
LinuxLinux Kernel Version3.0.6
LinuxLinux Kernel Version3.0.7
LinuxLinux Kernel Version3.0.8
LinuxLinux Kernel Version3.0.9
LinuxLinux Kernel Version3.0.10
LinuxLinux Kernel Version3.0.11
LinuxLinux Kernel Version3.0.12
LinuxLinux Kernel Version3.0.13
LinuxLinux Kernel Version3.0.14
LinuxLinux Kernel Version3.0.15
LinuxLinux Kernel Version3.0.16
LinuxLinux Kernel Version3.0.17
LinuxLinux Kernel Version3.0.18
LinuxLinux Kernel Version3.0.19
LinuxLinux Kernel Version3.0.20
LinuxLinux Kernel Version3.0.21
LinuxLinux Kernel Version3.0.22
LinuxLinux Kernel Version3.0.23
LinuxLinux Kernel Version3.0.24
LinuxLinux Kernel Version3.0.25
LinuxLinux Kernel Version3.0.26
LinuxLinux Kernel Version3.0.27
LinuxLinux Kernel Version3.0.28
LinuxLinux Kernel Version3.0.29
LinuxLinux Kernel Version3.0.30
LinuxLinux Kernel Version3.0.31
LinuxLinux Kernel Version3.0.32
LinuxLinux Kernel Version3.0.33
LinuxLinux Kernel Version3.0.34
LinuxLinux Kernel Version3.0.35
LinuxLinux Kernel Version3.0.36
LinuxLinux Kernel Version3.0.37
LinuxLinux Kernel Version3.0.38
LinuxLinux Kernel Version3.0.39
LinuxLinux Kernel Version3.0.40
LinuxLinux Kernel Version3.0.41
LinuxLinux Kernel Version3.0.42
LinuxLinux Kernel Version3.0.43
LinuxLinux Kernel Version3.0.44
LinuxLinux Kernel Version3.1
LinuxLinux Kernel Version3.1 Updaterc1
LinuxLinux Kernel Version3.1 Updaterc2
LinuxLinux Kernel Version3.1 Updaterc3
LinuxLinux Kernel Version3.1 Updaterc4
LinuxLinux Kernel Version3.1.1
LinuxLinux Kernel Version3.1.2
LinuxLinux Kernel Version3.1.3
LinuxLinux Kernel Version3.1.4
LinuxLinux Kernel Version3.1.5
LinuxLinux Kernel Version3.1.6
LinuxLinux Kernel Version3.1.7
LinuxLinux Kernel Version3.1.8
LinuxLinux Kernel Version3.1.9
LinuxLinux Kernel Version3.1.10
LinuxLinux Kernel Version3.2
LinuxLinux Kernel Version3.2 Updaterc2
LinuxLinux Kernel Version3.2 Updaterc3
LinuxLinux Kernel Version3.2 Updaterc4
LinuxLinux Kernel Version3.2 Updaterc5
LinuxLinux Kernel Version3.2 Updaterc6
LinuxLinux Kernel Version3.2 Updaterc7
LinuxLinux Kernel Version3.2.1
LinuxLinux Kernel Version3.2.2
LinuxLinux Kernel Version3.2.3
LinuxLinux Kernel Version3.2.4
LinuxLinux Kernel Version3.2.5
LinuxLinux Kernel Version3.2.6
LinuxLinux Kernel Version3.2.7
LinuxLinux Kernel Version3.2.8
LinuxLinux Kernel Version3.2.9
LinuxLinux Kernel Version3.2.10
LinuxLinux Kernel Version3.2.11
LinuxLinux Kernel Version3.2.12
LinuxLinux Kernel Version3.2.13
LinuxLinux Kernel Version3.2.14
LinuxLinux Kernel Version3.2.15
LinuxLinux Kernel Version3.2.16
LinuxLinux Kernel Version3.2.17
LinuxLinux Kernel Version3.2.18
LinuxLinux Kernel Version3.2.19
LinuxLinux Kernel Version3.2.20
LinuxLinux Kernel Version3.2.21
LinuxLinux Kernel Version3.2.22
LinuxLinux Kernel Version3.2.23
LinuxLinux Kernel Version3.2.24
LinuxLinux Kernel Version3.2.25
LinuxLinux Kernel Version3.2.26
LinuxLinux Kernel Version3.2.27
LinuxLinux Kernel Version3.2.28
LinuxLinux Kernel Version3.2.29
LinuxLinux Kernel Version3.2.30
LinuxLinux Kernel Version3.3
LinuxLinux Kernel Version3.3 Updaterc1
LinuxLinux Kernel Version3.3 Updaterc2
LinuxLinux Kernel Version3.3 Updaterc3
LinuxLinux Kernel Version3.3 Updaterc4
LinuxLinux Kernel Version3.3 Updaterc5
LinuxLinux Kernel Version3.3 Updaterc6
LinuxLinux Kernel Version3.3 Updaterc7
LinuxLinux Kernel Version3.3.1
LinuxLinux Kernel Version3.3.2
LinuxLinux Kernel Version3.3.3
LinuxLinux Kernel Version3.3.4
LinuxLinux Kernel Version3.3.5
LinuxLinux Kernel Version3.3.6
LinuxLinux Kernel Version3.3.7
LinuxLinux Kernel Version3.3.8
LinuxLinux Kernel Version3.4
LinuxLinux Kernel Version3.4 Updaterc1
LinuxLinux Kernel Version3.4 Updaterc2
LinuxLinux Kernel Version3.4 Updaterc3
LinuxLinux Kernel Version3.4 Updaterc4
LinuxLinux Kernel Version3.4 Updaterc5
LinuxLinux Kernel Version3.4 Updaterc6
LinuxLinux Kernel Version3.4 Updaterc7
LinuxLinux Kernel Version3.4.1
LinuxLinux Kernel Version3.4.2
LinuxLinux Kernel Version3.4.3
LinuxLinux Kernel Version3.4.4
LinuxLinux Kernel Version3.4.5
LinuxLinux Kernel Version3.4.6
LinuxLinux Kernel Version3.4.7
LinuxLinux Kernel Version3.4.8
LinuxLinux Kernel Version3.4.9
LinuxLinux Kernel Version3.4.10
LinuxLinux Kernel Version3.4.11
LinuxLinux Kernel Version3.4.12
LinuxLinux Kernel Version3.4.13
LinuxLinux Kernel Version3.4.14
LinuxLinux Kernel Version3.4.15
LinuxLinux Kernel Version3.4.16
LinuxLinux Kernel Version3.4.17
LinuxLinux Kernel Version3.4.18
LinuxLinux Kernel Version3.4.19
LinuxLinux Kernel Version3.4.20
LinuxLinux Kernel Version3.4.21
LinuxLinux Kernel Version3.4.22
LinuxLinux Kernel Version3.4.23
LinuxLinux Kernel Version3.4.24
LinuxLinux Kernel Version3.5.1
LinuxLinux Kernel Version3.5.2
LinuxLinux Kernel Version3.5.3
LinuxLinux Kernel Version3.5.4
LinuxLinux Kernel Version3.5.5
LinuxLinux Kernel Version3.5.6
LinuxLinux Kernel Version3.5.7
LinuxLinux Kernel Version3.6.9
LinuxLinux Kernel Version3.6.10
LinuxLinux Kernel Version3.6.11
LinuxLinux Kernel Version3.7
LinuxLinux Kernel Version3.7.1
LinuxLinux Kernel Version3.7.2
LinuxLinux Kernel Version3.7.3
LinuxLinux Kernel Version3.7.4
LinuxLinux Kernel Version3.7.5
LinuxLinux Kernel Version3.7.6
LinuxLinux Kernel Version3.7.7
LinuxLinux Kernel Version3.7.8
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.4% 0.318
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.9 3.9 6.9
AV:L/AC:L/Au:N/C:N/I:N/A:C
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://www.mandriva.com/security/advisories?name=MDVSA-2013:176
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=77c1090f94d1b0b5186fb13a1b71b47b1343f87f
http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00009.html
http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00017.html
http://www.kernel.org/pub/linux/kernel/v3.x/patch-3.8.bz2
Patch
http://www.openwall.com/lists/oss-security/2013/02/15/2
https://bugzilla.redhat.com/show_bug.cgi?id=911473
https://github.com/torvalds/linux/commit/77c1090f94d1b0b5186fb13a1b71b47b1343f87f
Patch