Arch Linux

FS#34005 - [linux] [CVE-2013-1763] Out of bounds access to sock_diag_handlers may lead to privilege escalation

Attached to Project: Arch Linux
Opened by . (Thralas) - Sunday, 24 February 2013, 20:59 GMT
Last edited by Tobias Powalowski (tpowa) - Monday, 25 February 2013, 10:23 GMT
Task Type: Bug Report
Category: Packages: Core
Status: Closed
Assigned To: Tobias Powalowski (tpowa), Thomas Bächler (brain0)
Architecture: All
Severity: Critical
Priority: Normal
Reported Version:
Due in Version: Undecided
Due Date: Undecided
Percent Complete: 100%
Votes: 2
Private: No


"An unprivileged user can send a netlink message resulting in an
out-of-bounds access of the sock_diag_handlers[] array which, in turn,
allows userland to take over control while in kernel mode." [1]

Affects: core/linux-3.7.9-1 testing/linux-3.8.1 (linux-lts is not affected)

Upstream fix is available in the net tree [2]. A stable release containing the fix is currently not available.

Note: A PoC was released elsewhere (Ubuntu 12.10, x86) [3].

Closed by Tobias Powalowski (tpowa)
Monday, 25 February 2013, 10:23 GMT
Reason for closing: Fixed
Additional comments about closing: 3.7.9-2 & 3.8-2