| Revision Date: | 2013-12-09 | Version: | 1 | | Title: | CVE-2013-6432 on Ubuntu 12.04 LTS (precise) - medium. | | Description: | The ping_recvmsg function in net/ipv4/ping.c in the Linux kernel before 3.12.4 does not properly interact with read system calls on ping sockets, which allows local users to cause a denial of service (NULL pointer dereference and system crash) by leveraging unspecified privileges to execute a crafted application. A flaw was discovered in the ipv4 ping_recvmsg function of the Linux kernel. A local user could exploit this flaw to cause a denial of service (NULL pointer dereference and system crash).
| | Family: | unix | Class: | vulnerability | | Status: | | Reference(s): | CVE-2013-6432
| | Platform(s): | Ubuntu 12.04 LTS
| Product(s): | | | Definition Synopsis | | Ubuntu 12.04 LTS (precise) is installed. AND Package Information
NOT While related to the CVE in some way, the 'linux' package in precise is not affected.
OR NOT While related to the CVE in some way, the 'linux-armadaxp' package in precise is not affected.
OR While related to the CVE in some way, a decision has been made to ignore it (note: 'abandoned').
OR While related to the CVE in some way, a decision has been made to ignore it (note: 'abandoned').
OR While related to the CVE in some way, a decision has been made to ignore it (note: 'abandoned').
OR NOT While related to the CVE in some way, the 'linux-lts-quantal' package in precise is not affected.
OR NOT While related to the CVE in some way, the 'linux-lts-raring' package in precise is not affected.
OR The 'linux-lts-saucy' package in precise was vulnerable but has been fixed (note: '3.11.0-17.31~precise1').
OR NOT While related to the CVE in some way, the 'linux-lts-trusty' package in precise is not affected (note: '3.13.0-24.46~precise1').
OR While related to the CVE in some way, a decision has been made to ignore it (note: 'abandoned').
OR NOT While related to the CVE in some way, the 'linux-ti-omap4' package in precise is not affected.
|
|