Vulnerabilities

CVE-2013-2548

by Fred · 14/03/2013

The crypto_report_one function in crypto/crypto_user.c in the report API in the crypto user configuration API in the Linux kernel through 3.8.2 uses an incorrect length value during a copy operation, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability.

Date published : 2013-03-14

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=9a5467bf7b6e9e02ec9c3da4e23747c05faeaac6

https://github.com/torvalds/linux/commit/9a5467bf7b6e9e02ec9c3da4e23747c05faeaac6

Similar

Tags: Cybersecurity Alert