CVE-2013-4470

Impact:
Important
Public Date:
2013-10-21
CWE:
CWE-456
Bugzilla:
1023477: CVE-2013-4470 Kernel: net: memory corruption with UDP_CORK and UFO

The MITRE CVE dictionary describes this issue as:

The Linux kernel before 3.12, when UDP Fragmentation Offload (UFO) is enabled, does not properly initialize certain data structures, which allows local users to cause a denial of service (memory corruption and system crash) or possibly gain privileges via a crafted application that uses the UDP_CORK option in a setsockopt system call and sends both short and long packets, related to the ip_ufo_append_data function in net/ipv4/ip_output.c and the ip6_ufo_append_data function in net/ipv6/ip6_output.c.

Find out more about CVE-2013-4470 from the MITRE CVE dictionary dictionary and NIST NVD.

Statement

This issue does not affect the version of the kernel package as shipped with Red Hat Enterprise Linux 5.

CVSS v2 metrics

Base Score 7.2
Base Metrics AV:L/AC:L/Au:N/C:C/I:C/A:C
Access Vector Local
Access Complexity Low
Authentication None
Confidentiality Impact Complete
Integrity Impact Complete
Availability Impact Complete

Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux Extended Update Support 6.4 (kernel) RHSA-2014:0284 2014-03-11
Red Hat Enterprise Linux 6 (kernel) RHSA-2013:1801 2013-12-12
MRG Grid for RHEL 6 Server v.2 (kernel-rt) RHSA-2014:0100 2014-01-28

Affected Packages State

Platform Package State
Red Hat Enterprise MRG 2 realtime-kernel Affected
Red Hat Enterprise Linux 7 kernel Not affected
Red Hat Enterprise Linux 5 kernel Not affected

Acknowledgements

Red Hat would like to thank Hannes Frederic Sowa for reporting this issue.

Last Modified