what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

CVE-2013-2147

Status Candidate

Overview

The HP Smart Array controller disk-array driver and Compaq SMART2 controller disk-array driver in the Linux kernel through 3.9.4 do not initialize certain data structures, which allows local users to obtain sensitive information from kernel memory via (1) a crafted IDAGETPCIINFO command for a /dev/ida device, related to the ida_locked_ioctl function in drivers/block/cpqarray.c or (2) a crafted CCISS_PASSTHRU32 command for a /dev/cciss device, related to the cciss_ioctl32_passthru function in drivers/block/cciss.c.

Related Files

Debian Security Advisory 2906-1
Posted Apr 25, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2906-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leak or privilege escalation.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2013-0343, CVE-2013-2147, CVE-2013-2889, CVE-2013-2893, CVE-2013-4162, CVE-2013-4299, CVE-2013-4345, CVE-2013-4512, CVE-2013-4587, CVE-2013-6367, CVE-2013-6380, CVE-2013-6381, CVE-2013-6382, CVE-2013-6383, CVE-2013-7263, CVE-2013-7264, CVE-2013-7265, CVE-2013-7339, CVE-2014-0101, CVE-2014-1444, CVE-2014-1445, CVE-2014-1446, CVE-2014-1874, CVE-2014-2039, CVE-2014-2523, CVE-2103-2929
SHA-256 | 336839d986f877d0c9633d42e6961fa76ae807751676c40199ee1f7de18091c3
Ubuntu Security Notice USN-2050-1
Posted Dec 7, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2050-1 - An information leak was discovered in the handling of ICMPv6 Router Advertisement (RA) messages in the Linux kernel's IPv6 network stack. A remote attacker could exploit this flaw to cause a denial of service (excessive retries and address-generation outage), and consequently obtain sensitive information. Dan Carpenter discovered an information leak in the HP Smart Array and Compaq SMART2 disk-array driver in the Linux kernel. A local user could exploit this flaw to obtain sensitive information from kernel memory. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-0343, CVE-2013-2147, CVE-2013-2888, CVE-2013-2889, CVE-2013-2892, CVE-2013-2893, CVE-2013-2895, CVE-2013-2896, CVE-2013-2897, CVE-2013-2899, CVE-2013-4299, CVE-2013-4350, CVE-2013-4387, CVE-2013-4470, CVE-2013-0343, CVE-2013-2147, CVE-2013-2888, CVE-2013-2889, CVE-2013-2892, CVE-2013-2893, CVE-2013-2895, CVE-2013-2896, CVE-2013-2897, CVE-2013-2899, CVE-2013-4299, CVE-2013-4350, CVE-2013-4387, CVE-2013-4470
SHA-256 | 8821a1515b5d3a83f986d1b491a7a02d59ae5030a01c256ab95e438a8e7d158a
VMware Security Advisory 2013-0015
Posted Dec 7, 2013
Authored by VMware | Site vmware.com

VMware Security Advisory 2013-0015 - VMware has updated several third party libraries in ESX that address multiple security vulnerabilities.

tags | advisory, vulnerability
advisories | CVE-2012-2372, CVE-2012-3552, CVE-2013-0791, CVE-2013-1620, CVE-2013-2147, CVE-2013-2164, CVE-2013-2206, CVE-2013-2224, CVE-2013-2232, CVE-2013-2234, CVE-2013-2237
SHA-256 | 9cbb7e964e769cddfce1c1997789d4b756c22716732fb468d12565b5df47420d
Ubuntu Security Notice USN-2023-1
Posted Nov 11, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2023-1 - An information leak was discovered in the handling of ICMPv6 Router Advertisement (RA) messages in the Linux kernel's IPv6 network stack. A remote attacker could exploit this flaw to cause a denial of service (excessive retries and address-generation outage), and consequently obtain sensitive information. Dan Carpenter discovered an information leak in the HP Smart Aray and Compaq SMART2 disk-array driver in the Linux kernel. A local user could exploit this flaw to obtain sensitive information from kernel memory. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-0343, CVE-2013-2147, CVE-2013-2889, CVE-2013-2893, CVE-2013-2894, CVE-2013-2895, CVE-2013-2897, CVE-2013-4343, CVE-2013-0343, CVE-2013-2147, CVE-2013-2889, CVE-2013-2893, CVE-2013-2894, CVE-2013-2895, CVE-2013-2897, CVE-2013-4343
SHA-256 | c4d1008673a62559560e8497f477658e929ca195c5dd5bb1200d7052614d9600
Ubuntu Security Notice USN-2018-1
Posted Nov 11, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2018-1 - A denial of service flaw was discovered in the Btrfs file system in the Linux kernel. A local user could cause a denial of service by creating a large number of files with names that have the same CRC32 hash value. A denial of service flaw was discovered in the Btrfs file system in the Linux kernel. A local user could cause a denial of service (prevent file creation) for a victim, by creating a file with a specific CRC32C hash value in a directory important to the victim. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2012-5374, CVE-2012-5375, CVE-2013-2147, CVE-2012-5374, CVE-2012-5375, CVE-2013-2147
SHA-256 | 26ba8f2a9dc4df734a0426fb31924c870e8ec30c3ca055d1e68ec1be29a1307f
Ubuntu Security Notice USN-2015-1
Posted Nov 11, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2015-1 - Dan Carpenter discovered an information leak in the HP Smart Aray and Compaq SMART2 disk-array driver in the Linux kernel. A local user could exploit this flaw to obtain sensitive information from kernel memory. Kees Cook discovered flaw in the Human Interface Device (HID) subsystem when CONFIG_HID_ZEROPLUS is enabled. A physically proximate attacker could leverage this flaw to cause a denial of service via a specially crafted device. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-2147, CVE-2013-2889, CVE-2013-2893, CVE-2013-2897, CVE-2013-4299, CVE-2013-2147, CVE-2013-2889, CVE-2013-2893, CVE-2013-2897, CVE-2013-4299
SHA-256 | c65ef17fab2108cf7be2e4a8fcf4283178c074a26c5740185dc8f53eb50bbffb
Ubuntu Security Notice USN-2017-1
Posted Nov 11, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2017-1 - A denial of service flaw was discovered in the Btrfs file system in the Linux kernel. A local user could cause a denial of service by creating a large number of files with names that have the same CRC32 hash value. A denial of service flaw was discovered in the Btrfs file system in the Linux kernel. A local user could cause a denial of service (prevent file creation) for a victim, by creating a file with a specific CRC32C hash value in a directory important to the victim. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2012-5374, CVE-2012-5375, CVE-2013-2147, CVE-2012-5374, CVE-2012-5375, CVE-2013-2147
SHA-256 | 69396b0d0d083ee263b3ae283d397353335eea77c8a69ba2d644f7c5f9b5497e
Ubuntu Security Notice USN-2020-1
Posted Nov 11, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2020-1 - An information leak was discovered in the handling of ICMPv6 Router Advertisement (RA) messages in the Linux kernel's IPv6 network stack. A remote attacker could exploit this flaw to cause a denial of service (excessive retries and address-generation outage), and consequently obtain sensitive information. Dan Carpenter discovered an information leak in the HP Smart Aray and Compaq SMART2 disk-array driver in the Linux kernel. A local user could exploit this flaw to obtain sensitive information from kernel memory. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-0343, CVE-2013-2147, CVE-2013-2889, CVE-2013-2893, CVE-2013-2894, CVE-2013-2895, CVE-2013-2897, CVE-2013-4343, CVE-2013-0343, CVE-2013-2147, CVE-2013-2889, CVE-2013-2893, CVE-2013-2894, CVE-2013-2895, CVE-2013-2897, CVE-2013-4343
SHA-256 | 3b15dfac15603e448dafb1c4dd594ea714872409fd89ae17493897cf75ca6374
Ubuntu Security Notice USN-2016-1
Posted Nov 11, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2016-1 - Dan Carpenter discovered an information leak in the HP Smart Aray and Compaq SMART2 disk-array driver in the Linux kernel. A local user could exploit this flaw to obtain sensitive information from kernel memory. Kees Cook discovered flaw in the Human Interface Device (HID) subsystem when CONFIG_HID_ZEROPLUS is enabled. A physically proximate attacker could leverage this flaw to cause a denial of service via a specially crafted device. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-2147, CVE-2013-2889, CVE-2013-2893, CVE-2013-2897, CVE-2013-4299, CVE-2013-2147, CVE-2013-2889, CVE-2013-2893, CVE-2013-2897, CVE-2013-4299
SHA-256 | a220a7baffbe64a639b856dc62b2e98a1dcc47dfef5698aa0801cebea8eaa35b
Ubuntu Security Notice USN-1996-1
Posted Oct 22, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1996-1 - Dan Carpenter discovered an information leak in the HP Smart Array and Compaq SMART2 disk-array driver in the Linux kernel. A local user could exploit this flaw to obtain sensitive information from kernel memory.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-2147
SHA-256 | b0b5321c721ce6390aa2e111ac2673c1b2bf2223671959b7b7598ed25471d53f
Ubuntu Security Notice USN-1994-1
Posted Oct 22, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1994-1 - Dan Carpenter discovered an information leak in the HP Smart Array and Compaq SMART2 disk-array driver in the Linux kernel. A local user could exploit this flaw to obtain sensitive information from kernel memory.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-2147
SHA-256 | 4ece68db30f10fd1d7fda3af2dcb83064de8a1d751b5b15cb0acc4f7b104a5e9
Ubuntu Security Notice USN-1999-1
Posted Oct 22, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1999-1 - Dan Carpenter discovered an information leak in the HP Smart Array and Compaq SMART2 disk-array driver in the Linux kernel. A local user could exploit this flaw to obtain sensitive information from kernel memory.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-2147
SHA-256 | 46dfbbb3131e008fbc18c11154dae6142610f2973f8a2894f93585d6defc7ba8
Ubuntu Security Notice USN-1997-1
Posted Oct 22, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1997-1 - Dan Carpenter discovered an information leak in the HP Smart Array and Compaq SMART2 disk-array driver in the Linux kernel. A local user could exploit this flaw to obtain sensitive information from kernel memory.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-2147
SHA-256 | b4163dd4a3d390dd6e4e06d33615c68368b4f3bb18f9e7317255408e917671a0
Red Hat Security Advisory 2013-1264-01
Posted Sep 16, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1264-01 - The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. A heap-based buffer overflow flaw was found in the Linux kernel's iSCSI target subsystem. A remote attacker could use a specially-crafted iSCSI request to cause a denial of service on a system or, potentially, escalate their privileges on that system. A flaw was found in the Linux kernel's Performance Events implementation. On systems with certain Intel processors, a local, unprivileged user could use this flaw to cause a denial of service by leveraging the perf subsystem to write into the reserved bits of the OFFCORE_RSP_0 and OFFCORE_RSP_1 model-specific registers.

tags | advisory, remote, denial of service, overflow, kernel, local
systems | linux, redhat
advisories | CVE-2013-2058, CVE-2013-2141, CVE-2013-2146, CVE-2013-2147, CVE-2013-2148, CVE-2013-2164, CVE-2013-2232, CVE-2013-2234, CVE-2013-2237, CVE-2013-2850, CVE-2013-2851, CVE-2013-2852, CVE-2013-3301, CVE-2013-4162, CVE-2013-4163
SHA-256 | 9a5ec9f9c7d4781ea08fab5e5ddb59d96541a57787d7f358e43fe24a1469e30c
Red Hat Security Advisory 2013-1166-01
Posted Aug 20, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1166-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel's Stream Control Transmission Protocol implementation handled duplicate cookies. If a local user queried SCTP connection information at the same time a remote attacker has initialized a crafted SCTP connection to the system, it could trigger a NULL pointer dereference, causing the system to crash.

tags | advisory, remote, kernel, local, protocol
systems | linux, redhat
advisories | CVE-2013-2147, CVE-2013-2164, CVE-2013-2206, CVE-2013-2224, CVE-2013-2232, CVE-2013-2234, CVE-2013-2237
SHA-256 | fcd744b9ac0dc89a473401d753c27a02c6ebba8fa80ee0c3bab2df69e3c628f5
Mandriva Linux Security Advisory 2013-194
Posted Jul 11, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-194 - Multiple vulnerabilities has been found and corrected in the Linux kernel. net/ceph/auth_none.c in the Linux kernel through 3.10 allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via an auth_reply message that triggers an attempted build_request operation. The HP Smart Array controller disk-array driver and Compaq SMART2 controller disk-array driver in the Linux kernel through 3.9.4 do not initialize certain data structures, which allows local users to obtain sensitive information from kernel memory via a crafted IDAGETPCIINFO command for a /dev/ida device, related to the ida_locked_ioctl function in drivers/block/cpqarray.c or a crafted CCISS_PASSTHRU32 command for a /dev/cciss device, related to the cciss_ioctl32_passthru function in drivers/block/cciss.c. Various other issues have also been addressed. The updated packages provides a solution for these security issues.

tags | advisory, remote, denial of service, kernel, local, vulnerability
systems | linux, mandriva
advisories | CVE-2012-5517, CVE-2013-0231, CVE-2013-1059, CVE-2013-1774, CVE-2013-2147, CVE-2013-2148, CVE-2013-2164, CVE-2013-2232, CVE-2013-2234, CVE-2013-2237, CVE-2013-2850, CVE-2013-2851, CVE-2013-2852, CVE-2013-3301
SHA-256 | 222e6a9b6c229fb8760fbf864b56dd9ad305b2f5b2210ae92ec97c2c2809405b
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close