Vulnerabilities > CVE-2013-4125 - Resource Management Errors vulnerability in Linux Kernel
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
The fib6_add_rt2node function in net/ipv6/ip6_fib.c in the IPv6 stack in the Linux kernel through 3.10.1 does not properly handle Router Advertisement (RA) messages in certain circumstances involving three routes that initially qualified for membership in an ECMP route set until a change occurred for one of the first two routes, which allows remote attackers to cause a denial of service (system crash) via a crafted sequence of messages.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Nessus
NASL family Fedora Local Security Checks NASL id FEDORA_2013-13536.NASL description Update to latest upstream stable release, Linux v3.9.11. Various fixes across the tree. This is the last 3.9.y kernel before F18 will be rebased to 3.10.y. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2013-07-24 plugin id 69028 published 2013-07-24 reporter This script is Copyright (C) 2013-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/69028 title Fedora 18 : kernel-3.9.11-200.fc18 (2013-13536) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory 2013-13536. # include("compat.inc"); if (description) { script_id(69028); script_version("1.3"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12"); script_cve_id("CVE-2013-4125"); script_xref(name:"FEDORA", value:"2013-13536"); script_name(english:"Fedora 18 : kernel-3.9.11-200.fc18 (2013-13536)"); script_summary(english:"Checks rpm output for the updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora host is missing a security update." ); script_set_attribute( attribute:"description", value: "Update to latest upstream stable release, Linux v3.9.11. Various fixes across the tree. This is the last 3.9.y kernel before F18 will be rebased to 3.10.y. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=984664" ); # https://lists.fedoraproject.org/pipermail/package-announce/2013-July/112454.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?5ba45804" ); script_set_attribute( attribute:"solution", value:"Update the affected kernel package." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:H/Au:N/C:N/I:N/A:C"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:kernel"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:18"); script_set_attribute(attribute:"patch_publication_date", value:"2013/07/24"); script_set_attribute(attribute:"plugin_publication_date", value:"2013/07/24"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2013-2020 Tenable Network Security, Inc."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! ereg(pattern:"^18([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 18.x", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC18", reference:"kernel-3.9.11-200.fc18")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel"); }NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2020-5706.NASL description Description of changes: kernel-uek [3.8.13-118.46.1.el7uek] - ipv6: only static routes qualify for equal cost multipathing (Hannes Frederic Sowa) [Orabug: 30977687] {CVE-2013-4125} - USB: adutux: fix use-after-free on disconnect (Johan Hovold) [Orabug: 31240296] {CVE-2019-19523} - USB: core: Fix races in character device registration and deregistraion (Alan Stern) [Orabug: 31317668] {CVE-2019-19537} - USB: iowarrior: fix use-after-free on disconnect (Johan Hovold) [Orabug: 31351063] {CVE-2019-19528} - usb: iowarrior: fix deadlock on disconnect (Oliver Neukum) [Orabug: 31351063] {CVE-2019-19528} - mremap: properly flush TLB before releasing the page (Linus Torvalds) [Orabug: 31352012] {CVE-2018-18281} last seen 2020-06-10 modified 2020-06-05 plugin id 137172 published 2020-06-05 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/137172 title Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2020-5706) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2019-1473.NASL description According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - net/ceph/auth_none.c in the Linux kernel through 3.10 allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via an auth_reply message that triggers an attempted build_request operation.(CVE-2013-1059) - The dispatch_discard_io function in drivers/block/xen-blkback/blkback.c in the Xen blkback implementation in the Linux kernel before 3.10.5 allows guest OS users to cause a denial of service (data loss) via filesystem write operations on a read-only disk that supports the (1) BLKIF_OP_DISCARD (aka discard or TRIM) or (2) SCSI UNMAP feature.(CVE-2013-2140) - The mmc_ioctl_cdrom_read_data function in drivers/cdrom/cdrom.c in the Linux kernel through 3.10 allows local users to obtain sensitive information from kernel memory via a read operation on a malfunctioning CD-ROM drive.(CVE-2013-2164) - Multiple array index errors in drivers/hid/hid-core.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11 allow physically proximate attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted device that provides an invalid Report ID.(CVE-2013-2888) - drivers/hid/hid-zpff.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_ZEROPLUS is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device.(CVE-2013-2889) - drivers/hid/hid-pl.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_PANTHERLORD is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device.(CVE-2013-2892) - A flaw was found in the way the get_dumpable() function return value was interpreted in the ptrace subsystem of the Linux kernel. When last seen 2020-06-01 modified 2020-06-02 plugin id 124797 published 2019-05-13 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/124797 title EulerOS Virtualization 3.0.1.0 : kernel (EulerOS-SA-2019-1473) NASL family Fedora Local Security Checks NASL id FEDORA_2013-13663.NASL description Linux v 3.10.3 stable update contains a very large number of fixes across the tree Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2013-07-28 plugin id 69086 published 2013-07-28 reporter This script is Copyright (C) 2013-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/69086 title Fedora 19 : kernel-3.10.3-300.fc19 (2013-13663) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-1936-1.NASL description Chanam Park reported a NULL pointer flaw in the Linux kernel last seen 2020-06-01 modified 2020-06-02 plugin id 69419 published 2013-08-21 reporter Ubuntu Security Notice (C) 2013-2019 Canonical, Inc. / NASL script (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/69419 title Ubuntu 12.04 LTS : linux-lts-raring vulnerabilities (USN-1936-1) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-1935-1.NASL description Chanam Park reported a NULL pointer flaw in the Linux kernel last seen 2020-06-01 modified 2020-06-02 plugin id 69418 published 2013-08-21 reporter Ubuntu Security Notice (C) 2013-2019 Canonical, Inc. / NASL script (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/69418 title Ubuntu 13.04 : linux vulnerabilities (USN-1935-1)
References
- http://www.openwall.com/lists/oss-security/2013/07/15/4
- https://github.com/torvalds/linux/commit/307f2fb95e9b96b3577916e73d92e104f8f26494
- https://bugzilla.redhat.com/show_bug.cgi?id=984664
- http://lists.fedoraproject.org/pipermail/package-announce/2013-July/112619.html
- http://www.securityfocus.com/bid/61166
- http://www.securitytracker.com/id/1028780
- http://lists.fedoraproject.org/pipermail/package-announce/2013-July/112454.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/85645
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=307f2fb95e9b96b3577916e73d92e104f8f26494