Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 459124 (CVE-2013-1763)

Summary: Kernel : sock_diag: out-of-bounds access to sock_diag_handlers[] (CVE-2013-1763)
Product: Gentoo Security Reporter: Agostino Sarubbo <ago>
Component: KernelAssignee: Gentoo Kernel Security <security-kernel>
Status: RESOLVED OBSOLETE    
Severity: normal CC: alexander, bugs, dan, josef64, kernel, xenith
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://bugzilla.redhat.com/show_bug.cgi?id=915052
Whiteboard:
Package list:
Runtime testing required: ---
Bug Depends on: 459810, 459812, 460126    
Bug Blocks:    

Description Agostino Sarubbo gentoo-dev 2013-02-25 09:54:25 UTC
From $URL :

Description:
An unprivileged user can send a netlink message resulting in an out-of-bounds access of the 
sock_diag_handlers[] array which, in turn, allows userland to take over control while in kernel 
mode.

References:
http://seclists.org/oss-sec/2013/q1/420
http://thread.gmane.org/gmane.linux.network/260061

Upstream fix:
http://thread.gmane.org/gmane.linux.network/260061
Comment 1 Anthony Basile gentoo-dev 2013-02-26 15:28:51 UTC
hardened-sources-3.7.5-r1 has this patch and will be rapid stabilize to replace 3.7.5
Comment 2 Richard Yao (RETIRED) gentoo-dev 2013-02-28 17:57:48 UTC
gregkh has tagged kernels 3.4.34, 3.7.10 and 3.8.1. Each one has the patch.

3.3.y, 3.5.7 and 3.6.7 appear to be end-of-life and have not had the patch backported. We probably should remove affected ebuilds from the tree.
Comment 3 Tom Wijsman (TomWij) (RETIRED) gentoo-dev 2013-03-01 19:40:47 UTC
Tagged kernels have been introduced and fast track stabilized such that stable users get a proper upgrade (thank you ago and jer), affected versions have been removed (thank you ago) now that most of the fast track stabilization has finished.
Comment 4 Aaron Bauman (RETIRED) gentoo-dev 2018-04-04 18:35:05 UTC
There are no longer any 2.x or <3.8.1 kernels available in the repository with the exception of sys-kernel/xbox-sources which is unsupported by security.