Oval Definition:oval:com.ubuntu.xenial:def:20131929000
Revision Date:2013-06-07Version:1
Title:CVE-2013-1929 on Ubuntu 16.04 LTS (xenial) - low.
Description:Heap-based buffer overflow in the tg3_read_vpd function in drivers/net/ethernet/broadcom/tg3.c in the Linux kernel before 3.8.6 allows physically proximate attackers to cause a denial of service (system crash) or possibly execute arbitrary code via crafted firmware that specifies a long string in the Vital Product Data (VPD) data structure. A buffer overflow vulnerability was discovered in the Broadcom tg3 ethernet driver for the Linux kernel. A local user could exploit this flaw to cause a denial of service (crash the system) or potentially escalate privileges on the system.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2013-1929
Platform(s):Ubuntu 16.04 LTS
Product(s):
Definition Synopsis
  • Ubuntu 16.04 LTS (xenial) is installed.
  • AND Package Information
  • NOT While related to the CVE in some way, the 'linux' package in xenial is not affected (note: '4.2.0-16.19').
  • OR NOT While related to the CVE in some way, the 'linux-aws' package in xenial is not affected (note: '4.4.0-1001.10').
  • OR While related to the CVE in some way, a decision has been made to ignore it (note: 'abandoned').
  • OR NOT While related to the CVE in some way, the 'linux-gke' package in xenial is not affected (note: '4.4.0-1003.3').
  • OR NOT While related to the CVE in some way, the 'linux-goldfish' package in xenial is not affected (note: '3.4.0-4.27').
  • OR NOT While related to the CVE in some way, the 'linux-hwe' package in xenial is not affected (note: '4.8.0-36.36~16.04.1').
  • OR NOT While related to the CVE in some way, the 'linux-hwe-edge' package in xenial is not affected (note: '4.8.0-36.36~16.04.1').
  • OR While related to the CVE in some way, a decision has been made to ignore it (note: 'abandoned').
  • OR NOT While related to the CVE in some way, the 'linux-raspi2' package in xenial is not affected (note: '4.2.0-1013.19').
  • OR NOT While related to the CVE in some way, the 'linux-snapdragon' package in xenial is not affected (note: '4.4.0-1012.12').
  • BACK