Launchpad.net

CVE 2013-1828

The sctp_getsockopt_assoc_stats function in net/sctp/socket.c in the Linux kernel before 3.8.4 does not validate a size value before proceeding to a copy_from_user operation, which allows local users to gain privileges via a crafted application that contains an SCTP_GET_ASSOC_STATS getsockopt system call.

Related bugs and status

CVE-2013-1828 (Candidate) is related to these bugs:

Bug #1011449: [Feature] Include support for Intel Bordenville chipset (i2c (SMBUS), Watchdog timer and PCI IDS)

		In	Importance	Status
1011449	[Feature] Include support for Intel Bordenville chipset (i2c (SMBUS), Watchdog timer and PCI IDS)	intel	Medium	Fix Released
1011449	[Feature] Include support for Intel Bordenville chipset (i2c (SMBUS), Watchdog timer and PCI IDS)	linux (Ubuntu)	Medium	Fix Released
1011449	[Feature] Include support for Intel Bordenville chipset (i2c (SMBUS), Watchdog timer and PCI IDS)	linux (Ubuntu Raring)	Medium	Fix Released

Bug #1031162: [Feature] Haswell-ULT UART DMA support

		In	Importance	Status
1031162	[Feature] Haswell-ULT UART DMA support	intel	Undecided	Fix Released
1031162	[Feature] Haswell-ULT UART DMA support	linux (Ubuntu)	Undecided	Fix Released
1031162	[Feature] Haswell-ULT UART DMA support	linux (Ubuntu Raring)	Undecided	Fix Released

Bug #1152791: CVE-2013-1828

		In	Importance	Status
1152791	CVE-2013-1828	linux (Ubuntu)	High	Fix Released
1152791	CVE-2013-1828	linux-fsl-imx51 (Ubuntu)	High	Invalid
1152791	CVE-2013-1828	linux-mvl-dove (Ubuntu)	High	Invalid
1152791	CVE-2013-1828	linux-lts-backport-maverick (Ubuntu)	High	Invalid
1152791	CVE-2013-1828	linux-lts-backport-natty (Ubuntu)	Undecided	Invalid
1152791	CVE-2013-1828	linux-ti-omap4 (Ubuntu)	High	Fix Committed
1152791	CVE-2013-1828	linux-ec2 (Ubuntu)	High	Invalid
1152791	CVE-2013-1828	linux (Ubuntu Raring)	High	Fix Released
1152791	CVE-2013-1828	linux-ec2 (Ubuntu Raring)	High	Invalid
1152791	CVE-2013-1828	linux-fsl-imx51 (Ubuntu Raring)	High	Invalid
1152791	CVE-2013-1828	linux-lts-backport-maverick (Ubuntu Raring)	High	Invalid
1152791	CVE-2013-1828	linux-lts-backport-natty (Ubuntu Raring)	Undecided	Invalid
1152791	CVE-2013-1828	linux-mvl-dove (Ubuntu Raring)	High	Invalid
1152791	CVE-2013-1828	linux-ti-omap4 (Ubuntu Raring)	High	Won't Fix
1152791	CVE-2013-1828	linux (Ubuntu Quantal)	High	Invalid
1152791	CVE-2013-1828	linux-ec2 (Ubuntu Quantal)	High	Invalid
1152791	CVE-2013-1828	linux-fsl-imx51 (Ubuntu Quantal)	High	Invalid
1152791	CVE-2013-1828	linux-lts-backport-maverick (Ubuntu Quantal)	High	Invalid
1152791	CVE-2013-1828	linux-lts-backport-natty (Ubuntu Quantal)	Undecided	Invalid
1152791	CVE-2013-1828	linux-mvl-dove (Ubuntu Quantal)	High	Invalid
1152791	CVE-2013-1828	linux-ti-omap4 (Ubuntu Quantal)	High	Invalid
1152791	CVE-2013-1828	linux (Ubuntu Precise)	High	Invalid
1152791	CVE-2013-1828	linux-ec2 (Ubuntu Precise)	High	Invalid
1152791	CVE-2013-1828	linux-fsl-imx51 (Ubuntu Precise)	High	Invalid
1152791	CVE-2013-1828	linux-lts-backport-maverick (Ubuntu Precise)	High	Invalid
1152791	CVE-2013-1828	linux-lts-backport-natty (Ubuntu Precise)	Undecided	Invalid
1152791	CVE-2013-1828	linux-mvl-dove (Ubuntu Precise)	High	Invalid
1152791	CVE-2013-1828	linux-ti-omap4 (Ubuntu Precise)	High	Invalid
1152791	CVE-2013-1828	linux (Ubuntu Oneiric)	High	Invalid
1152791	CVE-2013-1828	linux-ec2 (Ubuntu Oneiric)	High	Invalid
1152791	CVE-2013-1828	linux-fsl-imx51 (Ubuntu Oneiric)	High	Invalid
1152791	CVE-2013-1828	linux-lts-backport-maverick (Ubuntu Oneiric)	High	Invalid
1152791	CVE-2013-1828	linux-lts-backport-natty (Ubuntu Oneiric)	Undecided	Invalid
1152791	CVE-2013-1828	linux-mvl-dove (Ubuntu Oneiric)	High	Invalid
1152791	CVE-2013-1828	linux-ti-omap4 (Ubuntu Oneiric)	High	Invalid
1152791	CVE-2013-1828	linux (Ubuntu Lucid)	High	Invalid
1152791	CVE-2013-1828	linux-ec2 (Ubuntu Lucid)	High	Invalid
1152791	CVE-2013-1828	linux-fsl-imx51 (Ubuntu Lucid)	High	Invalid
1152791	CVE-2013-1828	linux-lts-backport-maverick (Ubuntu Lucid)	High	Invalid
1152791	CVE-2013-1828	linux-lts-backport-natty (Ubuntu Lucid)	Undecided	Invalid
1152791	CVE-2013-1828	linux-mvl-dove (Ubuntu Lucid)	High	Invalid
1152791	CVE-2013-1828	linux-ti-omap4 (Ubuntu Lucid)	High	Invalid
1152791	CVE-2013-1828	linux (Ubuntu Hardy)	High	Invalid
1152791	CVE-2013-1828	linux-ec2 (Ubuntu Hardy)	High	Invalid
1152791	CVE-2013-1828	linux-fsl-imx51 (Ubuntu Hardy)	High	Invalid
1152791	CVE-2013-1828	linux-lts-backport-maverick (Ubuntu Hardy)	High	Invalid
1152791	CVE-2013-1828	linux-lts-backport-natty (Ubuntu Hardy)	Undecided	Invalid
1152791	CVE-2013-1828	linux-mvl-dove (Ubuntu Hardy)	High	Invalid
1152791	CVE-2013-1828	linux-ti-omap4 (Ubuntu Hardy)	High	Invalid
1152791	CVE-2013-1828	linux-armadaxp (Ubuntu)	High	Invalid
1152791	CVE-2013-1828	linux-armadaxp (Ubuntu Hardy)	High	Invalid
1152791	CVE-2013-1828	linux-armadaxp (Ubuntu Lucid)	High	Invalid
1152791	CVE-2013-1828	linux-armadaxp (Ubuntu Oneiric)	High	Invalid
1152791	CVE-2013-1828	linux-armadaxp (Ubuntu Precise)	High	Invalid
1152791	CVE-2013-1828	linux-armadaxp (Ubuntu Quantal)	High	Invalid
1152791	CVE-2013-1828	linux-armadaxp (Ubuntu Raring)	High	Invalid
1152791	CVE-2013-1828	linux-lts-backport-oneiric (Ubuntu)	High	Invalid
1152791	CVE-2013-1828	linux-lts-backport-oneiric (Ubuntu Hardy)	High	Invalid
1152791	CVE-2013-1828	linux-lts-backport-oneiric (Ubuntu Lucid)	High	Invalid
1152791	CVE-2013-1828	linux-lts-backport-oneiric (Ubuntu Oneiric)	High	Invalid
1152791	CVE-2013-1828	linux-lts-backport-oneiric (Ubuntu Precise)	High	Invalid
1152791	CVE-2013-1828	linux-lts-backport-oneiric (Ubuntu Quantal)	High	Invalid
1152791	CVE-2013-1828	linux-lts-backport-oneiric (Ubuntu Raring)	High	Invalid
1152791	CVE-2013-1828	linux-lts-quantal (Ubuntu)	High	Invalid
1152791	CVE-2013-1828	linux-lts-quantal (Ubuntu Hardy)	High	Invalid
1152791	CVE-2013-1828	linux-lts-quantal (Ubuntu Lucid)	High	Invalid
1152791	CVE-2013-1828	linux-lts-quantal (Ubuntu Oneiric)	High	Invalid
1152791	CVE-2013-1828	linux-lts-quantal (Ubuntu Precise)	High	Invalid
1152791	CVE-2013-1828	linux-lts-quantal (Ubuntu Quantal)	High	Invalid
1152791	CVE-2013-1828	linux-lts-quantal (Ubuntu Raring)	High	Invalid

Bug #1153618: Support Realtek RTS5227 card reader

		In	Importance	Status
1153618	Support Realtek RTS5227 card reader	linux (Ubuntu)	Medium	Fix Released
1153618	Support Realtek RTS5227 card reader	HWE Next	Undecided	Fix Released
1153618	Support Realtek RTS5227 card reader	linux (Ubuntu Quantal)	Undecided	Fix Released
1153618	Support Realtek RTS5227 card reader	linux (Ubuntu Raring)	Medium	Fix Released
1153618	Support Realtek RTS5227 card reader	linux (Fedora)	Medium	Expired

Bug #1154238: update alx Ethernet driver

		In	Importance	Status
1154238	update alx Ethernet driver	linux (Ubuntu)	Medium	Fix Released
1154238	update alx Ethernet driver	linux (Ubuntu Quantal)	Medium	Fix Released
1154238	update alx Ethernet driver	linux (Ubuntu Raring)	Medium	Fix Released
1154238	update alx Ethernet driver	HWE Next	Undecided	Fix Released

Bug #1155680: linux: 3.8.0-13.22 -proposed tracker

		In	Importance	Status
1155680	linux: 3.8.0-13.22 -proposed tracker	linux (Ubuntu)	Medium	Fix Released
1155680	linux: 3.8.0-13.22 -proposed tracker	linux (Ubuntu Raring)	Medium	Fix Released
1155680	linux: 3.8.0-13.22 -proposed tracker	Kernel Development Workflow	Undecided	Fix Released
1155680	linux: 3.8.0-13.22 -proposed tracker	Kernel Development Workflow automated-testing	Undecided	Won't Fix
1155680	linux: 3.8.0-13.22 -proposed tracker	Kernel Development Workflow prepare-package	Undecided	Fix Released
1155680	linux: 3.8.0-13.22 -proposed tracker	Kernel Development Workflow prepare-package-meta	Undecided	Fix Released
1155680	linux: 3.8.0-13.22 -proposed tracker	Kernel Development Workflow prepare-package-signed	Undecided	Fix Released
1155680	linux: 3.8.0-13.22 -proposed tracker	Kernel Development Workflow promote-to-release	Undecided	Fix Released

Bug #1177550: linux-lowlatency: 3.8.0-20.14 -proposed tracker

		In	Importance	Status
1177550	linux-lowlatency: 3.8.0-20.14 -proposed tracker	Kernel SRU Workflow	Medium	Invalid
1177550	linux-lowlatency: 3.8.0-20.14 -proposed tracker	Kernel SRU Workflow certification-testing	Medium	Invalid
1177550	linux-lowlatency: 3.8.0-20.14 -proposed tracker	Kernel SRU Workflow prepare-package	Medium	Fix Released
1177550	linux-lowlatency: 3.8.0-20.14 -proposed tracker	Kernel SRU Workflow prepare-package-meta	Medium	Fix Released
1177550	linux-lowlatency: 3.8.0-20.14 -proposed tracker	Kernel SRU Workflow prepare-package-signed	Medium	Invalid
1177550	linux-lowlatency: 3.8.0-20.14 -proposed tracker	Kernel SRU Workflow promote-to-proposed	Medium	Fix Released
1177550	linux-lowlatency: 3.8.0-20.14 -proposed tracker	Kernel SRU Workflow promote-to-security	Medium	Invalid
1177550	linux-lowlatency: 3.8.0-20.14 -proposed tracker	Kernel SRU Workflow promote-to-updates	Medium	Invalid
1177550	linux-lowlatency: 3.8.0-20.14 -proposed tracker	Kernel SRU Workflow regression-testing	Medium	Fix Released
1177550	linux-lowlatency: 3.8.0-20.14 -proposed tracker	Kernel SRU Workflow security-signoff	Medium	Invalid
1177550	linux-lowlatency: 3.8.0-20.14 -proposed tracker	Kernel SRU Workflow verification-testing	Medium	Fix Released
1177550	linux-lowlatency: 3.8.0-20.14 -proposed tracker	Kernel SRU Workflow upload-to-ppa	Undecided	Fix Released
1177550	linux-lowlatency: 3.8.0-20.14 -proposed tracker	linux-lowlatency (Ubuntu)	Medium	Invalid
1177550	linux-lowlatency: 3.8.0-20.14 -proposed tracker	linux-lowlatency (Ubuntu Raring)	Medium	Fix Released

Bug #1181021: linux-lowlatency: 3.8.0-22.15 -proposed tracker

		In	Importance	Status
1181021	linux-lowlatency: 3.8.0-22.15 -proposed tracker	linux-lowlatency (Ubuntu)	Medium	Invalid
1181021	linux-lowlatency: 3.8.0-22.15 -proposed tracker	linux-lowlatency (Ubuntu Raring)	Medium	Fix Released
1181021	linux-lowlatency: 3.8.0-22.15 -proposed tracker	Kernel SRU Workflow	Medium	Fix Released
1181021	linux-lowlatency: 3.8.0-22.15 -proposed tracker	Kernel SRU Workflow certification-testing	Medium	Invalid
1181021	linux-lowlatency: 3.8.0-22.15 -proposed tracker	Kernel SRU Workflow prepare-package	Medium	Fix Released
1181021	linux-lowlatency: 3.8.0-22.15 -proposed tracker	Kernel SRU Workflow prepare-package-meta	Medium	Fix Released
1181021	linux-lowlatency: 3.8.0-22.15 -proposed tracker	Kernel SRU Workflow promote-to-proposed	Medium	Fix Released
1181021	linux-lowlatency: 3.8.0-22.15 -proposed tracker	Kernel SRU Workflow promote-to-security	Medium	Fix Released
1181021	linux-lowlatency: 3.8.0-22.15 -proposed tracker	Kernel SRU Workflow promote-to-updates	Medium	Fix Released
1181021	linux-lowlatency: 3.8.0-22.15 -proposed tracker	Kernel SRU Workflow regression-testing	Medium	Fix Released
1181021	linux-lowlatency: 3.8.0-22.15 -proposed tracker	Kernel SRU Workflow security-signoff	Medium	Invalid
1181021	linux-lowlatency: 3.8.0-22.15 -proposed tracker	Kernel SRU Workflow upload-to-ppa	Medium	Fix Released
1181021	linux-lowlatency: 3.8.0-22.15 -proposed tracker	Kernel SRU Workflow verification-testing	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2013-1828

Related bugs and status

Related bugs

References