From $URL : Linux kernels built with crypto user APIs are vulnerable to the information disclosure flaw. It occurs when user calls the `crypto_*_report' APIs via netlink based crypto API interface. A privileged user/program (CAP_NET_ADMIN) could use this flaw to read kernel memory area. Upstream fix: ------------- -> https://git.kernel.org/linus/9a5467bf7b6e9e02ec9c3da4e23747c05faeaac6
From oss-security http://www.openwall.com/lists/oss-security/2013/03/14/21 : CVE-2013-1825 -> REJECT; replaced by these three: CVE-2013-2546 9a5467bf7b6e9e02ec9c3da4e23747c05faeaac6 part 1 CVE-2013-2547 9a5467bf7b6e9e02ec9c3da4e23747c05faeaac6 part 2 CVE-2013-2548 9a5467bf7b6e9e02ec9c3da4e23747c05faeaac6 part 3
There are no longer any 2.x or <3.8.2 kernels available in the repository with the exception of sys-kernel/xbox-sources which is unsupported by security.