Description
The crypto_report_one function in crypto/crypto_user.c in the report API in the crypto user configuration API in the Linux kernel through 3.8.2 does not initialize certain structure members, which allows local users to obtain sensitive information from kernel heap memory by leveraging the CAP_NET_ADMIN capability.
References (10)
Core References
Patch (x_refsource_confirm): http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=9a5467bf7b6e9e02ec9c3da4e23747c05faeaac6
Vendor Advisory (vendor-advisory, x_refsource_mandriva): http://www.mandriva.com/security/advisories?name=MDVSA-2013:176
Vendor Advisory (vendor-advisory, x_refsource_ubuntu): http://www.ubuntu.com/usn/USN-1796-1
Patch (x_refsource_confirm): https://github.com/torvalds/linux/commit/9a5467bf7b6e9e02ec9c3da4e23747c05faeaac6
Vendor Advisory (vendor-advisory, x_refsource_ubuntu): http://www.ubuntu.com/usn/USN-1797-1
Mailing List (mailing-list, x_refsource_mlist): http://www.openwall.com/lists/oss-security/2013/03/05/13
Vendor Advisory (vendor-advisory, x_refsource_ubuntu): http://www.ubuntu.com/usn/USN-1793-1
Mailing List (vendor-advisory, x_refsource_suse): http://lists.opensuse.org/opensuse-updates/2013-12/msg00129.html
Vendor Advisory (vendor-advisory, x_refsource_ubuntu): http://www.ubuntu.com/usn/USN-1794-1
Vendor Advisory (vendor-advisory, x_refsource_ubuntu): http://www.ubuntu.com/usn/USN-1795-1
Scores
EPSS: 0.0010
EPSS Percentile: 27.3%
Details
CWE: CWE-310
Status: published
Products (44)
linux/linux_kernel 3.0 rc1 (7 CPE variants)
linux/linux_kernel 3.0.1
linux/linux_kernel 3.0.2
linux/linux_kernel 3.0.3
linux/linux_kernel 3.0.4
linux/linux_kernel 3.0.5
linux/linux_kernel 3.0.6
linux/linux_kernel 3.0.7
linux/linux_kernel 3.0.8
linux/linux_kernel 3.0.9
... and 34 more
Published: Mar 15, 2013
Tracked Since: Feb 18, 2026