Oval Definition:	oval:com.ubuntu.precise:def:20136383000
Revision Date: 2013-11-26 Version: 1 Title: CVE-2013-6383 on Ubuntu 12.04 LTS (precise) - medium. Description: The aac_compat_ioctl function in drivers/scsi/aacraid/linit.c in the Linux kernel before 3.11.8 does not require the CAP_SYS_RAWIO capability, which allows local users to bypass intended access restrictions via a crafted ioctl call. A flaw was discovered in the Linux kernel's compat ioctls for Adaptec AACRAID scsi raid devices. An unprivileged local user could send administrative commands to these devices potentially compromising the data stored on the device. Family: unix Class: vulnerability Status: Reference(s): CVE-2013-6383 Platform(s): Ubuntu 12.04 LTS Product(s): Definition Synopsis Ubuntu 12.04 LTS (precise) is installed. AND Package Information The 'linux' package in precise was vulnerable but has been fixed (note: '3.2.0-58.88'). OR The 'linux-armadaxp' package in precise was vulnerable but has been fixed (note: '3.2.0-1629.41'). OR While related to the CVE in some way, a decision has been made to ignore it (note: 'abandoned'). OR While related to the CVE in some way, a decision has been made to ignore it (note: 'abandoned'). OR While related to the CVE in some way, a decision has been made to ignore it (note: 'abandoned'). OR The 'linux-lts-quantal' package in precise was vulnerable but has been fixed (note: '3.5.0-45.68~precise1'). OR The 'linux-lts-raring' package in precise was vulnerable but has been fixed (note: '3.8.0-35.50~precise1'). OR The 'linux-lts-saucy' package in precise was vulnerable but has been fixed (note: '3.11.0-15.23~precise1'). OR NOT While related to the CVE in some way, the 'linux-lts-trusty' package in precise is not affected (note: '3.13.0-24.46~precise1'). OR While related to the CVE in some way, a decision has been made to ignore it (note: 'abandoned'). OR The 'linux-ti-omap4' package in precise was vulnerable but has been fixed (note: '3.2.0-1442.61').
BACK