6.9

CVE-2013-4343

Use-after-free vulnerability in drivers/net/tun.c in the Linux kernel through 3.11.1 allows local users to gain privileges by leveraging the CAP_NET_ADMIN capability and providing an invalid tuntap interface name in a TUNSETIFF ioctl call.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 3.8 < 3.10.16
LinuxLinux Kernel Version >= 3.11 < 3.11.5
CanonicalUbuntu Linux Version13.04
CanonicalUbuntu Linux Version13.10
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.36% 0.272
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.9 3.4 10
AV:L/AC:M/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://rhn.redhat.com/errata/RHSA-2013-1490.html
Third Party Advisory
http://www.ubuntu.com/usn/USN-2020-1
Third Party Advisory
http://www.ubuntu.com/usn/USN-2023-1
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00071.html
Third Party Advisory
Mailing List
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00039.html
Third Party Advisory
Mailing List
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00048.html
Third Party Advisory
Mailing List
http://marc.info/?l=linux-kernel&m=137889490510745&w=2
Third Party Advisory
Mailing List
http://www.openwall.com/lists/oss-security/2013/09/12/3
Third Party Advisory
Mailing List
http://www.spinics.net/lists/netdev/msg250066.html
Third Party Advisory
http://www.ubuntu.com/usn/USN-2049-1
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1007733
Third Party Advisory
Issue Tracking